
4-year campaign exploited iPhones using possibly the most advanced attack ever

"Triangulation" infected dozens of iPhones belonging to employees of Moscow-based Kaspersky.

Researchers disclosed new findings surrounding an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky. Chief among the discoveries: the unknown attackers were able to achieve an unprecedented level of access by exploiting a vulnerability in an undocumented hardware feature that few if anyone outside of Apple and chip suppliers such as ARM Holdings knew of.

The mass backdooring campaign, which according to Russian government officials also infected the iPhones of thousands of people working inside diplomatic missions and embassies in Russia, came to light in June. Over a span of at least four years, Kaspersky said, the infections were delivered in iMessage texts that installed malware through a complex exploit chain without requiring the receiver to take any action.

These types of attack, and this attack in particular, would not be possible if the user were using a secure, locked-down device like what SecureCrypt offers. SecureCrypt uses advanced security features like enhanced hardware and memory protections that cannot be bypassed. SecureCrypt devices are also protected against any type of mobile malware, rootkit or spyware.

SecureCrypt also uses enhanced kernel reinforcements and protections that would not have allowed these attackers to exploit the iOS kernel like they did.

Furthermore, SecureCrypt-powered iPhones do not use iMessage and have this feature disabled (instead relying on our custom-engineered encrypted app for all secure communications), so the initial delivery mechanism would not have been possible.

Any sensitive business with trade secrets and intellectual property to protect should be using secure devices for internal communications, isolated from the outside and not vulnerable to the same exploits that affect unprotected, regular iPhones.

Secure devices with built-in device hardening protections should also be used by those working in diplomatic missions, embassies, NGOs, advocacy groups, investigative journalists, lawyers, and anyone else who requires secure communications.

SecureCrypt devices are non-rooted and use advanced device management and device attestation to prevent hardware and memory-based attacks.

The exploited devices were infected with full-featured spyware that, among other things, transmitted microphone recordings, photos, geolocation, and other sensitive data to attacker-controlled servers. SecureCrypt phones disable all sensors used for location tracking like GPS, NFC, and Bluetooth. We also use secure SIMs and cellular protections that make location tracking impossible.

Although infections didn’t survive a reboot, the unknown attackers kept their campaign alive simply by sending devices a new malicious iMessage text shortly after devices were restarted. SecureCrypt-powered iPhones were protected from this exploit due to our device hardening and tamper-proofing features, and due to our blocking of iMessage entirely.

Some features that protected SecureCrypt iPhones from this exploit are:

Triple Layer Encryption/Encrypted Containerization

Brute Force Protections

Tamper-Proof Hardware

Root of Trust Protection

Firmware Validation

Secure Boot

Enhanced Kernel Reinforcement & Protections

Enhanced Memory Protections

Full Disk Encryption

Trust your privacy and security to professionals who only operate in this sector. Privacy is the only thing we focus on, and together with our industry partners we can say we have been proudly securing our clients' mobile communication since 2018.

