Kaspersky—the Russian cybersecurity firm—has reportedly been hit with an iOS zero-click exploit that has been in use against its employees. Like most stealthy malware of this nature, once on the victim’s device, it captures microphone audio, photos, location data and much more.
The attack is similar to other iOS zero-click exploits, making use of an invisible iMessage with a malicious attachment to install spyware. The deployment is completely hidden and requires no interaction from the user.
CEO Eugene Kaspersky wrote in a blog post:
“We are quite confident that Kaspersky was not the main target of this cyberattack. The coming days will bring more clarity and further details on the worldwide proliferation of the spyware.”
The Russian National Coordination Centre for Computer Incidents believes the attacks were part of a larger USA-driven operation against Russia’s diplomatic missions and embassies. The FSB, Russia’s federal security service, alerted that they believed Apple helped the National Security Agency with the hack. Apple has denied the claim.