MOSCOW, June 22. /TASS/. Apple fixed vulnerabilities in the iOS 15 and 16 that were used for a targeted hacker attack with Triangulation spyware, Kaspersky Lab specialists wrote in their Telegram channel.
"Apple has patched the vulnerabilities used in the Triangulation attack ... and released updates for iOS 15 and iOS 16 that fix these vulnerabilities. They were used in real attacks and resulted in the execution of random code," the statement said.
Kaspersky Lab experts said on Thursday they found out how cyber spies collected victims' data during a targeted attack on Apple devices - the attackers used a special TriangleDB spy implant running in the device's memory. "Kaspersky Lab experts discovered how attackers obtained data from victims during the Operation Triangulation campaign. They used a spy implant called TriangleDB, which gives attackers covert monitoring capabilities and runs entirely in the device's memory, so all traces of its work are erased when the device is rebooted," Kaspersky Lab press service told reporters.
According to Kaspersky Lab, the implant may execute 24 commands in total, enabling attackers to create, edit, steal, and remove files from phones, manipulate processes, and track a victim's geolocation. A similar implant, according to the company, may also be used in attacks on macOS device.
On June 1, Kaspersky Lab CEO Evgeny Kaspersky said that the company has uncovered a targeted cyberattack carried out via Apple mobile devices. He noted that several dozen iPhones of the company’s employees were infected with spyware, an effective way to remove which has not yet been found.