Today Kaspersky announced they were a victim of an iOS zero-click 0day exploit. The exploit delivered spyware targeting Kaspersky middle and upper management.
They named the attack 'Operation Triangulation'
More info: https://usa.kaspersky.com/blog/triangulation-attack-on-ios/28444/
Kaspersky
Triangulation: Trojan for iOS
Eugene Kaspersky talks about attacks on iOS devices, including those of Kaspersky management, with the Triangulation Trojan.
Kaspersky asserts they were NOT the primary target of the attack. Forensic evidence illustrates a long history of this spyware, and they have stated more details will be released soon.
Today the FSB (Federal Security Service of the Russian Federation) released a statement stating that the United States government has targeted, and infected, thousands of Russians that were using Apple iPhone devices.
More information: http://www.fsb.ru/fsb/press/message/single.htm!id=10439739@fsbMessage.html
Russia: Kaspersky and the Russian FSB disclose information on an iOS 0day exploit
NATO Territory: Security vendors are disclosing news on a MOVEit 0day exploit being exploited in the wild to mass exfiltrate data from organizations.
Yay! 0day Thursday! =D
Someone has purchased vx-underground.com.
The domain tries to trick users into downloading malware and/or into calling a phony tech support phone number.
Unusual decision considering our userbase is people whose entire lives revolve around malware....
American Intelligence agencies are filled with nerds.
The Kaspersky Operation Triangulation report cites mobilegamerstats[.]com as a C2 domain. Its AWS host houses other listed C2 domains.
The SOA_EMAIL is a reference to Tonari no Kaibutsu-kun (My Little Monster) - a manga
Operation Triangulation used an iOS zero-click 0day exploit. It then leveraged additional 0day exploits pulled from a C2 to escalate privileges.
We've said it before and we'll say it again: anime nerds are the most dangerous people on the planet
You have no idea how hard it is to not relentlessly meme the NSA and/or CIA for the anime reference in Operation Triangulation.
The only thing holding us back is the fear of a friendly autonomous drone strike or the Guantanamo Bay Detention Camp
BreachedForum will resume its activities later this month.
It has new administration. It will be led by the infamous ShinyHunters group.
Today Threat Intelligence firm Hudson Rock shared some information with us.
A Threat Actor who was active on BreachForums named "IntelBroker" managed to anger the United States government a little bit.
The Five Eyes (FVEY) are actively hunting him down.
Have a nice weekend && spend it with people you care about.
Today in http://discord.gg/onlymalware we will be hosting two events:
1. Book Club Session 1: The Art of Computer Virus Research and Defense (Chapters 1-3) - 5:30PM GMT
2. RE for Noobs by 0x6D6172636F - 8:00PM GMT
Come join us if you want to talk about malware and more!
//THIS IS NOT A VX-UNDERGROUND DISCORD
The most sophisticated Threat Intelligence team on the planet is the Nintendo Corporation Intellectual Property Legal Team.
If ransomware groups used a Super Smash Bros logo they'd be caught in 48 hours.