{
  "modified": "2025-03-28T15:23:16.915Z",
  "name": "Operation Triangulation",
  "description": "[Operation Triangulation](https://attack.mitre.org/campaigns/C0054) is a mobile campaign targeting iOS devices.(Citation: SecureList OpTriangulation 01Jun2023) The unidentified actors used zero-click exploits in iMessage attachments to gain [Initial Access](https://attack.mitre.org/tactics/TA0027), then executed exploits and validators, such as [Binary Validator](https://attack.mitre.org/software/S1215) before finally executing the [TriangleDB](https://attack.mitre.org/software/S1216) implant.  ",
  "aliases": [
    "Operation Triangulation"
  ],
  "first_seen": "2019-01-01T08:00:00.000Z",
  "last_seen": "2023-06-01T07:00:00.000Z",
  "x_mitre_first_seen_citation": "(Citation: SecureList OpTriangulation 01Jun2023)",
  "x_mitre_last_seen_citation": "(Citation: SecureList OpTriangulation 01Jun2023)",
  "x_mitre_deprecated": false,
  "x_mitre_version": "1.0",
  "type": "campaign",
  "spec_version": "2.1",
  "id": "campaign--d0695b5f-b761-49e0-b3e3-2e5307f8def3",
  "created": "2025-03-28T14:45:30.132Z",
  "created_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
  "revoked": false,
  "external_references": [
    {
      "source_name": "mitre-attack",
      "url": "https://attack.mitre.org/campaigns/C0054",
      "external_id": "C0054"
    },
    {
      "source_name": "SecureList OpTriangulation 01Jun2023",
      "description": "Kuznetsov, I., et al. (2023, June 1). Operation Triangulation: iOS devices targeted with previously unknown malware. Retrieved April 18, 2024.",
      "url": "https://securelist.com/operation-triangulation/109842/"
    }
  ],
  "object_marking_refs": [
    "marking-definition--fa42a846-8d90-4e51-bc29-71d5b4802168"
  ],
  "x_mitre_attack_spec_version": "3.2.0",
  "x_mitre_modified_by_ref": "identity--c78cb6e5-0c4b-4611-8297-d1b8b55e40b5",
  "x_mitre_domains": [
    "mobile-attack"
  ]
}