[manuelabeledo]

It reads more like an excuse than the actual reason.

Endpoint protection solutions can be installed in iOS devices. The device could also be wiped clean, eliminating the malware.

The latter should not be much of an issue in any serious organization. If any executive keeps critical data in a phone, that is already an issue.

The former is a hassle, but I have had to use locked down iPhones before, and the tradeoffs are still better than facing an intrusion.

The vulnerability and the vector could also have been present in a different form in Android devices.

All in all, I don't think this is the response Kaspersky should have come forward with.

[codedokode]

> Endpoint protection solutions can be installed in iOS devices.

How does "endpoint protection solution" protect from 0-day exploits? I guess it can do that only in marketing materials, not in reality.

[manuelabeledo]

It could definitely help detect exfiltration, for instance.

This malware was running and spreading for years. It is actually surprising that it took a security company like Kaspersky so long to detect it.

[psychphysic]

I'm very happy Kaspersky has. And that their released a tool they believe can detect past and present infection with the Triangulation Trojan.

I've not idea to what extent it's possible to have a durable trojan on iOS (probably only the makers of such trojans do know).

It's absurd to say a company should not blow the whistle on a sophisticated attack when that companys job is just that!

[manuelabeledo]

> It's absurd to say a company should not blow the whistle on a sophisticated attack when that companys job is just that!

They should definitely do it.

They should also acknowledge that they did a shoddy job. They let the malware run unchecked for several years. It is clear that the safeguards they had in place did not work, not for protection, but especially for detection.

Instead, they chose to boost the image of their own products and bash a third party vendor with a questionable reasoning.