
Apple Patches Critical Vulnerabilities Used to Distribute ‘Triangulation’ Spyware

Apple has released security updates to patch three zero-day vulnerabilities affecting iPhones, Mac computers, and Apple Watch smartwatches. According to the cybersecurity firm Kaspersky, which found and reported two of them to Apple, these vulnerabilities have been used for “professional” espionage attacks.

Users should treat the updates published by Apple as mandatory, since experts agree on their seriousness. In fact, the Spanish National Institute of Cybersecurity (INCIBE) has issued a level 5 alert, the highest level of importance: critical.

The detected zero-day vulnerabilities have been assigned the identifiers CVE-2023-32434, CVE-2023-32435 and CVE-2023-32439. They affect the kernel and WebKit and could allow arbitrary code to run with kernel privileges or web content to be processed for malicious purposes.

Kaspersky has also published a report with technical details of the case, which the company has dubbed ‘Operation Triangulation’. According to the company, the attacks started in 2019 and were detected when some of its engineers discovered that their iPhones had been infected through exploits delivered via the iMessage messaging client that took advantage of iOS zero-day bugs.

Spyware Triangulation: used for professional espionage

The case has reached the international stage because of the seriousness of the vulnerabilities, their potential use for high-level espionage, and its role as another point of conflict between Russia and the United States: the Russian FSB intelligence and security agency asserted that “Apple provided the NSA a back door to help infect iPhones in Russia with spyware”.

The FSB claimed it found thousands of infected iPhones belonging to Russian government officials and embassy staff in Israel, China and NATO member countries. Apple has completely denied it: “we have never worked with any government to insert a backdoor into any Apple product and never will,” a spokesperson told BleepingComputer.

Beyond the international conflict, the list of affected devices is quite extensive, since the zero-days affect both the oldest and the newest models. It is therefore recommended to update equipment as soon as possible to the latest versions available:
