Hackers launches a chain of exploits Via Malicious iMessage

The TriangleDB malware campaign targets iPhone and iPad devices via malicious iMessage attachments and has several modules for executing additional attacks. The malware gathers information from the devices and sends it to a C2 server using two validators. The malware can record microphones, breach keychain security, steal SQLite data, and monitor location. It operates through invisible iMessage attachments, drawing a discreet yellow triangle on a pink background with WebGL. A full report is available on SecureList.