Zero-click iOS spyware hits Kaspersky staff

Kaspersky—the Russian cybersecurity firm—has reportedly been hit with an iOS zero-click exploit that has been in use against its employees. Like most stealthy malware of this nature, once on the victim’s device, it captures microphone audio, photos, location data and much more.

The attack is similar to other iOS zero-click exploits, making use of an invisible iMessage with a malicious attachment to install spyware. The deployment is completely hidden and requires no interaction from the user.

CEO Eugene Kaspersky wrote in a blog post:

“We are quite confident that Kaspersky was not the main target of this cyberattack. The coming days will bring more clarity and further details on the worldwide proliferation of the spyware.”

The Russian National Coordination Centre for Computer Incidents believes the attacks were part of a larger USA-driven operation against Russia’s diplomatic missions and embassies. The FSB, Russia’s federal security service, alerted that they believed Apple helped the National Security Agency with the hack. Apple has denied the claim.

A technical breakdown of the hack is available on Kaspersky’s SecureList and Kaspersky has also made a tool available on GitHub to help you check if you’re infected with Triangulation.

‍

Zero-click iOS spyware hits Kaspersky staff

A weaponised Super Mario Game is spreading malware

Breaking MFA with Kuba Gretzky

Zero-click iOS spyware hits Kaspersky staff

A weaponised Super Mario Game is spreading malware

Breaking MFA with Kuba Gretzky

Chinese state stealthily evading detection in USA critical infrastructure

A weaponised Super Mario Game is spreading malware

Breaking MFA with Kuba Gretzky