"New Report Exposes Operation Triangulation's Spyware Implant Targeting iOS Devices"

More information about the spyware implant delivered to iOS devices as part of the Operation Triangulation campaign has emerged. The malware has a 30-day lifespan, after which it is automatically uninstalled unless the attackers extend the time. The "TriangleDB" implant is deployed after the attackers behind it exploit a kernel vulnerability to obtain root privileges on the target iOS device. According to researchers, it is deployed in memory, so when the device is rebooted, all traces of the implant are lost. Therefore, if the victim reboots their device, the attackers must reinfect it by sending an iMessage with a malicious attachment, reactivating the entire chain of exploitation. Operation Triangulation involves the use of zero-click exploits via the iMessage platform, thereby granting the spyware full control over the device and user data. This article continues to discuss the spyware implant delivered to iOS devices as part of the Operation Triangulation campaign. 

THN reports "New Report Exposes Operation Triangulation's Spyware Implant Targeting iOS Devices"