Kaspersky Discloses Apple Zero-Click Malware


Protect Your Access to the Internet

Endpoint Security

Russian Government Claims It Uncovered ‘Several Thousand’ Infections

Kaspersky Discloses Apple Zero-Click Malware
iPhones for sale in St. Petersburg, Russia, in August 2021 (Image: Shutterstock)

Russian cybersecurity firm Kaspersky said it uncovered zero-click malware infecting staffers’ iPhones on the same day the Kremlin claimed it had uncovered a “reconnaissance operation by American intelligence agencies.”

See Also: Live Webinar | Breaking Down Security Challenges so Your Day Doesn’t Start at 3pm

Kaspersky, in a Thursday blog post, said the malware has been active at least since 2019 and infects devices with an iMessage attachment that automatically triggers code execution. Kaspersky calls the campaign behind the malware Operation Triangulation.

Russian domestic intelligence agency the Federal Security Service said it had uncovered several thousand iPhones infected with the same malware and accused Apple of collaborating with the U.S. National Security Agency.

The malware exfiltrates data including microphone recordings, photos from instant messaging apps, geolocation and other sensitive data. The Russian National Coordination Center for Computer Incidents issued a bulletin listing the same set of 15 malware command-and-control domains that Kaspersky identified.

Apple, which has a well-documented history of defying U.S. government attempts to weaken its security, issued a terse statement.

“We have never worked with any government to insert a backdoor into any Apple product and never will,” an Apple spokesperson said.

The smartphone giant also said that Kaspersky had reported the malware doesn’t work past the iOS 15.7 iPhone operating system. Apple introduced iOS 16 to the public last September.

A Kaspersky spokesperson said the company determined one of the vulnerabilities used by the malware was CVE-2022-46690, an out-of-bounds…