Dissecting TriangleDB, a Triangulation spyware implant

Over the years, there have been multiple cases when iOS devices were infected with targeted spyware such as Pegasus, Predator, Reign and others. Often, the process of infecting a device involves launching a chain of different exploits, e.g. for escaping the iMessage sandbox while processing a malicious attachment, and for getting root privileges through a vulnerability in the kernel. Due to this granularity, discovering one exploit in the chain often does not result in retrieving the rest of the chain …

attachment cases device devices exploits imessage ios ios devices malicious pegasus predator privileges process reign root sandbox spyware triangulation