The cybersecurity community has warned about a new cyberattack aimed at Apple’s mobile devices. The attack, “Triangulation,” is a complicated scheme that discreetly hack into the iPhones of certain employees, including those in the web3 sector, explicitly targeting middle and upper management staff.
Exploiting vulnerabilities in Apple’s operating system
This attack exploits vulnerabilities in the iOS operating system and involves sending a hidden iMessage with a malicious payload. When a device is successfully triangulated, the malware installs itself without the user’s knowledge or consent.
This insidious malware records and transmits audio, video, and other data from the user’s microphone, instant messenger, and location services to remote servers.
Kaspersky Unified Monitoring and Analysis Platform (KUMA), a vital security information and event management tool, enabled the discovery of this sophisticated malware.
After detecting network irregularities from Apple devices, KUMA helped cyber security researchers to discover Triangulation malware on several iPhones belonging to high-ranking personnel.
Unfortunately, the closed iOS environment has no built-in tools for detecting and removing malware. To combat this covert assault, other technologies are required.
In response to the critical necessity for early discovery and correction, security researchers created a specialist tool called “triangle_check.”
Once it has been extensively tested, this tool will be made accessible for free to help find signs of compromise in backups produced from Apple devices.
Removing malware from iPhones without compromising users’ private information remains challenging. The only solution currently available is to reset the affected device to its factory settings and reinstall the latest operating system and user environment.
Failure to take these steps may result in Triangulation exploiting weaknesses in older iOS versions and infecting the device again.
Possible impact on crypto holders
The crypto industry is at risk due to the potential hacking of iPhone devices used by crypto users.
This raises concerns about the safety and privacy of crypto transactions, as leaked private information such as geo-location data and messages can be exploited by attackers to steal crypto from wallets, compromise transaction security, or even steal identities.
Given the stakes, businesses must implement stringent cybersecurity measures and maintain high vigilance. The chance of falling prey to Triangulation and similar sophisticated cyber attacks targeting the crypto ecosystem may be reduced by regularly upgrading iOS devices to the newest version, using multi-factor authentication, and practicing basic security hygiene.