“Triangulation Trojan” Launches Sophisticated Attack on Apple Devices


BRANDEFENSE
Security News
02/06/2023

Last updated on July 28th, 2023 at 03:59 pm

Table of Contents

  • Specialized for Apple’s Mobile Devices
  • C2 Domains For Triangulation Trojan Attack
    • It Is Not the First Spyware for iMessage: Pegasus Spyware
  • How Can Brandefense Help You?
    • Brandefense Dark Web Monitoring Solution
      • Dark Web Monitoring

Specialized for Apple’s Mobile Devices

 

Security experts have uncovered an advanced, targeted cyberattack against Apple’s mobile devices. The attack, named “Triangulation,” is aimed at planting covert spyware on the iPhones of employees of certain companies, including middle and top management personnel.

The cyberattack employs an invisible iMessage carrying a malicious attachment. Utilizing multiple vulnerabilities within the iOS operating system, the attachment is executed on the device, stealthily installing the spyware. This occurs without the need for user action. Once in place, the spyware discreetly relays sensitive data back to remote servers, including microphone recordings, instant messenger photos, geolocation, and other user activity data.

The proprietary nature of iOS makes the detection and removal of this spyware particularly challenging, requiring the use of external tools. A telltale sign of Triangulation's presence is that iOS updates are disabled on the infected device. For a more definitive confirmation of infection, a device backup should be made and checked with a dedicated utility. Kaspersky is also in the process of developing a free detection tool.

Unfortunately, due to the specific way the spyware blocks iOS updates, there is currently no effective method to remove Triangulation without losing user data. The only recourse is to reset the infected iPhones to factory settings and install the latest version of the operating system and the entire user environment anew. This is crucial because the spyware can re-infect the device through vulnerabilities present in an outdated iOS version.

The attack’s sophisticated nature is such that it remained largely undetected until anomalies within the network originating from Apple devices were picked up by Kaspersky’s Unified Monitoring and Analysis Platform (KUMA), a native Security Information and Event Management (SIEM) solution. Subsequent investigations revealed that several dozen iPhones belonging to senior employees were infected with the spyware.

Kaspersky is still investigating this incident, with more information to be shared in a dedicated post on Securelist. They anticipate further details on the global proliferation of this spyware will emerge in the coming days. Despite being targeted in this attack, Kaspersky stresses they were not the primary objective and assures their business processes and user data remain unaffected.

C2 Domains For Triangulation Trojan Attack

 

The source is Securelist.

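Indicator lists such as the Securelist C2 domains for this campaign are published in defanged form (`[.]`), so they have to be normalised before they can be matched against resolver logs. The following is an added example, not code from Brandefense, Kaspersky or Securelist: it refangs a list and flags DNS queries that equal or are subdomains of an indicator. The log format, the function names and every domain and address in it are constructed placeholders.

```python
# Added example. Every domain, address and log line here is a constructed
# placeholder, not a real indicator from this campaign.
import re
from typing import Optional

DEFANGED_IOCS = """
c2-placeholder-one[.]example
hxxps://c2-placeholder-two[.]example/path
"""

# Constructed resolver log: timestamp, client IP, queried name, record type.
SAMPLE_DNS_LOG = """\
2023-06-02T09:14:03Z 10.20.4.17 www.benign-site.example. A
2023-06-02T09:14:05Z 10.20.4.17 cdn.C2-Placeholder-One.example. A
2023-06-02T09:15:40Z 10.20.7.88 notc2-placeholder-one.example. A
2023-06-02T09:16:12Z 10.20.9.3 c2-placeholder-two.example. AAAA
"""

def refang(indicator: str) -> str:
    """Turn 'hxxps://host[.]tld/path' style notation into a bare hostname."""
    s = indicator.strip().lower()
    s = s.replace("[.]", ".").replace("(.)", ".").replace("[dot]", ".")
    s = re.sub(r"^h(xx|tt)ps?://", "", s)
    return s.split("/")[0].rstrip(".")

def load_iocs(text: str) -> set:
    return {refang(line) for line in text.splitlines() if line.strip()}

def matches_ioc(qname: str, iocs: set) -> Optional[str]:
    """Return the indicator a queried name equals or is a subdomain of."""
    labels = qname.strip().lower().rstrip(".").split(".")
    # Compare on label boundaries so 'notc2.example' never matches 'c2.example'.
    for i in range(len(labels) - 1):
        candidate = ".".join(labels[i:])
        if candidate in iocs:
            return candidate
    return None

def hunt(log_text: str, iocs: set) -> list:
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue  # skip malformed or truncated lines
        _, client, qname, _ = parts[:4]
        ioc = matches_ioc(qname, iocs)
        if ioc:
            hits.append((client, qname.rstrip(".").lower(), ioc))
    return hits
```

`hunt(SAMPLE_DNS_LOG, load_iocs(DEFANGED_IOCS))` returns one tuple per matching query, giving the client address to triage first.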

It Is Not the First Spyware for iMessage: Pegasus Spyware

 

Citizen Lab digital security researchers have detected a new zero-click iMessage vulnerability that is used to install Pegasus spyware on the iPhone devices of Catalan politicians, journalists, and activists.

Pegasus is developed by the Israeli firm NSO and marketed to governments as licensed software for investigating terrorist activities. Pegasus spyware has been used in attacks on high-level authorities of many states, such as the United Kingdom and Finland.

Between 2017 and 2020, it was observed that Pegasus targeted at least 65 people by exploiting the Kismet iMessage vulnerability and a vulnerability in WhatsApp. Targets of the recently observed campaign include Catalan members of the European Parliament, heads of state, judges, lawyers, and journalists…

How Can Brandefense Help You?

 

Our innovative service offers a range of benefits that can help you stay ahead of cybercriminals and protect your brand reputation. With early detection of cyber threats, you’ll have more time to respond and prevent potential data breaches or other attacks. Our dark web monitoring can enhance your overall security posture and protect your sensitive data and assets.

 

 

Brandefense Dark Web Monitoring Solution

 

Early Detection of Cyber Threats: Dark web monitoring allows businesses to detect cyber threats early on, giving them more time to respond and prevent potential data breaches or other attacks.

Enhanced Security: By monitoring the dark web for potential threats, businesses can stay ahead of cybercriminals and protect their sensitive data and assets.

Brand Protection: Dark web monitoring can also help businesses protect their brand reputation by detecting any attempts to sell counterfeit products or impersonate their brand.

Cost-Effective: The cost of a data breach can be substantial in terms of financial losses and damage to brand reputation. Dark web monitoring is a cost-effective way to mitigate these risks and prevent costly cyber attacks.

 

Contact us today to learn more about how Brandefense’s dark web monitoring service can help you protect your business and achieve peace of mind.

Dark Web Monitoring

We know what hackers know about you
