Enterprises are the “ideal” target for Trident iPhone hack

Trident malware will target your CEO, CTO, and employees

Malware that spies on iPhones will target enterprise deployments as well as consumers' devices, a security firm involved in its discovery has confirmed.

Pegasus, the spyware that installs itself on a user's iPhone by sending them an SMS message with a malicious link to click on, was revealed yesterday by mobile security company Lookoout, which investigated the malware with Citizen Lab.

Once installed, the malware, allegedly created by Israeli firm NSO Group, collects information from apps including Gmail, Facebook, Skype, WhatsApp, Calendar, FaceTime, and can also activate the iPhone's camera and microphone to listen in on conversations.

Pegasus is the final link in a three-part chain that is being called Trident. The first example of the attack was directed against human rights activist Ahmed Mansoor, but the cybersecurity firm warned that enterprises will be the prime target of the malware.

Advertisement - Article continues below

"These exploits are ideally suited to perform targeted, enterprise-focused attacks, and we expect that customers of this type of software are using these attacks for that that purpose," Mike Murray, Lookout's VP of security research & response, wrote in a blog post.

"The going price for Pegasus was roughly $8 million for 300 licenses, so it's not likely to be used against an average mobile device user, only targets that can be considered of high value."

These targets are not only the CEO and CTO of enterprise firms, whose devices will have secrets worth stealing, but also lower level staff, whose devices may not have as rigorous protection as those of C-level staff.

"Rank-and-file employees with credentials to access enterprise networks are clearly perceived as valuable targets by global threat actors," Murray said. "Unprotected employee mobile devices with access to sensitive corporate data are now likely to be the lowest hanging fruit for attackers looking to breach an enterprise."

A few years ago iPhones may not have presented such a large risk to enterprises' security, but Apple has built a $25 billion B2B business on the back of its flagship device over the last three years.

It has relied on partnerships with the likes of IBM and Box to get its hardware into businesses, with the firms aiming to offer the software businesses need on the devices staff actually want to use.

The iPhones most at risk are those used for both work and personal communications, Lookout warned, with one employee clicking the malicious link being all hackers need to break into an enterprise.

Apple has pushed out an update that fixes the vulnerabilities Trident exploits, but now IT staff must try to ensure all employees download the patch.

Featured Resources

The IT Pro guide to Windows 10 migration

Everything you need to know for a successful transition

Download now

Managing security risk and compliance in a challenging landscape

How key technology partners grow with your organisation

Download now

Software-defined storage for dummies

Control storage costs, eliminate storage bottlenecks and solve storage management challenges

Download now

6 best practices for escaping ransomware

A complete guide to tackling ransomware attacks

Download now



Hackers abuse LinkedIn DMs to plant malware

25 Feb 2019

Best antivirus for Windows 10

3 Sep 2019

Best smartphone 2019: Apple, Samsung and OnePlus duke it out

20 May 2019
business apps

Best iPhone apps for 2019

17 Apr 2019

Most Popular

Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Amazon Web Services (AWS)

What to expect from AWS Re:Invent 2019

29 Nov 2019
Business strategy

Huawei takes the US trade sanctions into its own hands

3 Dec 2019

Five signs that it’s time to retire IT kit

29 Nov 2019