The malicious message is malformed and does not trigger any alerts or notifications for user

unfortunately the problems still at ios 16 for sure as you advised due to wrong backup or recovery as we never guess that apple ID may be hacked ,

we are kindly ask you to advised us if there Kasper tool or support team can explore who is hacking us ? or is there exeperts can help us by provide them the analytic data ? what ever it`s cost , we trust kasper team as always will support

Most probably, Lockdown Mode can help protecting against this attack.

Our investigation of this attack is ongoing. All the related information will be posted on the Operation Triangulation page soon: https://securelist.com/trng-2023/

During the research we have not observed exploits for Android.

Hi Artur!

Kaspersky cybersecurity experts identified that the latest version of iOS that was targeted by Triangulation is 15.7. However, given the sophistication of the cyberespionage campaign and the complexity of analysis of iOS platform, the further research may reveal more details on the matter. We will update the community about new findings once they emerge.

Hi JJ

Yes. We have shared information with the Apple Security Research team.

As of time of writing we were able to identify one of many vulnerabilities that were exploited that is most likely CVE-2022-46690. This vulnerability was fixed in iOS 16.2. However, given the sophistication of the cyberespionage campaign and the complexity of analysis of the iOS platform, further research will surely reveal more details on the matter. We will update the community about new findings once they emerge.

As to rebooting, Triangulation blocks the opportunity to update iOS which means that even if the device is rebooted it still has an opportunity to re-infect it. A factory reset combined with the immediate system update would solve the problem.