The famous Russian antivirus publisher Kaspersky has just identified an “extremely complex” computer attack, which targets the Apple phones of some of its employees, a dozen middle and senior managers. Although it was carried out “in the most discreet way possible”, the computer intrusion, dubbed “Triangulation”, was noticed at the beginning of the year following the identification of anomalies on its network.
A “zero click”
According to Kaspersky, invisible iMessages with a malicious attachment were sent to the targeted people. Spyware, a “zero click”, was then installed on the smartphone, without the intervention of the user being necessary. The program thus made it possible to record audio, take photos, geolocate the device and provide other, unspecified data on the infected machine.
A few days after reporting the computer attack, the Russian company posted a utility for detecting indicators of compromise. Kaspersky nevertheless states that it has not yet “found an effective way to remove spyware without losing user data”.
Indeed, only resetting infected iPhones to their factory settings, along with installing the latest version of the operating system, is effective in getting rid of the spyware. In the event of a simple deletion of the program from the device’s memory, the latter is then able to regain control of the device after a restart.
“Apple’s close cooperation with the NSA”
Even if the information available is fragmentary, the target of the attack – telephones supposed to be among the best protected in the world – and its nature – a “zero click” – show that it is a high-level computer operation. flight. If the Russian company, accused in 2017 of being too close to Russian spies and on the way to marginalization since the Russian invasion of Ukraine, did not address the question of the attribution of this attack, it is said to be convinced that she was not the main target.
According to the Federal Security Service of the Russian Federation (FSB), around a thousand Apple phones in Russia would indeed be affected by this intrusion. For this intelligence service in charge of internal affairs, this computer attack testifies “to the close cooperation of the Apple company with the intelligence community, in particular the NSA”, the technical agency of American intelligence.
The accusation was disputed by the Apple firm, which said it had never “worked with a government to insert a backdoor”. Russian intelligence also did not explain precisely how the NSA allegedly infected Apple phones.