Skip to main content

Operation Triangulation: Kaspersky releases utility for malware detection

June 2, 2023

 Woburn, MA – June 2, 2023 – Following Kaspersky’s report on the Operation Triangulation campaign targeting iOS devices, the company’s researchers have released a special “triangle_check” utility that automatically searches for the malware infection. The tool is publicly shared on GitHub and available for macOS, Windows and Linux.

On June 1, 2023, Kaspersky reported about a new mobile APT that has been targeting iOS devices. The campaign employs zero-click exploits delivered via iMessage to install malware and gain complete control over the device and user data, with the ultimate goal of secretly spying on users. Among the victims were Kaspersky's own employees; however, the company’s researchers believe the scope of the attack extends far beyond the organization. Continuing the investigation, Kaspersky researchers aim to bring more clarity and further details on the worldwide proliferation of this spyware.

The initial report already included a detailed description for self-checking compromise trail mechanisms using the MVT tool. Today, Kaspersky publicly released on GitHub a special utility called “triangle_check.” This utility, available for macOS, Windows and Linux in Python, allows users to automatically search for traces of malware infection and therefore check whether a device has been infected or not.

Before installing the utility, the user should first do a backup of the device. Once a backup copy is created, a user can install and run the tool. If indicators of compromise are detected, the tool will show a “DETECTED” notification that confirms the device has been infected. The “SUSPICION” message indicates detection of less unambiguous indicators – pointing to a likely infection. A "No traces of compromise were identified” message will be shown if no IoCs were detected at all.

“Today we are proud to release a free public tool that allows users to check whether they were hit by the newly emerged sophisticated threat. With cross-platform capabilities, the “triangle_check” allows users to scan their devices automatically,”said Igor Kuznetsov, head of the EEMEA unit at Kaspersky Global Research and Analysis Team (GReAT).“We urge the cybersecurity community to unite forces in the research of the new APT to build a safer digital world.”

To learn more about how to use the ‘triangle_check’, read this blog post.

To learn more about the “Operation Triangulation”, visit Securelist.com.

 

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help over 220,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Media Contact

Sawyer Van Horn

sawyer.vanhorn@Kaspersky.com

(781) 503-1866

 

Operation Triangulation: Kaspersky releases utility for malware detection

Kaspersky logo

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

Related Articles Press Releases