The cybersecurity company Kaspersky has launched a tool to check for the presence of the new “Triangulation” virus on Apple iPhones and other iOS devices.
Kaspersky reported that this virus was found on its own network and that it has been infecting many iOS devices across its locations since at least 2019.
The cybersecurity company reported that, although malware investigation is still ongoing, the ‘Operation Triangulation’ malware campaign employs an unidentified zero-day attack on iMessage to execute code with elevated privileges and no user involvement.
This enables the attack to download additional payloads to the target device for use in executing further commands and information gathering.
FSB, Russia’s intelligence and security service, also connected the virus to infections of senior government officials and international diplomats.
The Mobile Verification Toolkit (MVT) may be used to manually verify iOS device backups for potential signs of infiltration by this unidentified virus, as described in great length in the original report by Kaspersky.
Apple’s multiple security measures (sandboxing, data encryption, code signing) hinder live system analysis, therefore iOS can only be analyzed as a backup.