Dissecting TriangleDB, a Triangulation spyware implant

Over the years, there have been multiple cases when iOS devices were infected with targeted spyware such as Pegasus, Predator, Reign and others. Often, the process of infecting a device involves launching a chain of different exploits. Due to this granularity, discovering one exploit in the chain often does not result in retrieving the rest of the chain and obtaining the final spyware payload.

In researching Operation Triangulation, Kaspersky team set itself the goal to retrieve as many parts of the exploitation chain as possible. It took about half a year to accomplish that goal, and they are now ready to share the details.

Read more…
Source: Kaspersky