ONE Jailbreak Ad

Triangle Check Utility

Promotion image of Triangle Check Utility article.

Triangle Check, a creation of Kaspersky Lab, is a sophisticated script designed to empower users in scanning iTunes backups for potential compromise indicators related to Operation Triangulation. Its advanced mechanism bears resemblance to the Pegasus Project, an elite-level surveillance tool developed by the Israeli company NSO Group for its clientele. Pegasus tool has been used in more than 50 countries since 2016.

Download Triangle Check

The Triangle Check Utility has been unveiled as an open-source project, scripted in the Python programming language. For compatibility with both Windows and Linux, the developer has thoughtfully provided alternative binary builds of the triangle_check utility. The recommended method for installation is via PyPI. Triangle Check can be also installed on macOS.

What is Triangle Check?

Triangle Check, a Python script, serves as a valuable tool for automatically detecting potential compromises on your iPhone through the Operation Triangulation exploit. This exploit has the capability to gain full control over your device without requiring any user interaction. It is typically deployed through a text message sent to the victim's iPhone and operates discreetly, automatically removing itself without the user's knowledge of the intrusion.

Due to the limited accessibility to the device file system, Triangle Check necessitates the creation of an iPhone backup using iTunes or Finder. This command-line tool is designed to scan iTunes backups for any indications of compromise linked to Operation Triangulation.

Additionally, Triangle Check extends support to encrypted iTunes backups; however, it is imperative to possess the password for decryption. Encrypted iTunes or libimobiledevice backups yield a more comprehensive set of data for analysis.

Triangle Check Utility screenshot.

The "Encrypt local backup" feature, accessible in Finder or iTunes, plays a crucial role in safeguarding and encoding your data. When opting for encrypted backups, a broader spectrum of information is included, comprising saved passwords, Wi-Fi settings, website history, health data, and call history. Triangle Check can decrypt all data with a given password.

However, it's essential to be aware that encrypted backups deliberately exclude certain sensitive data, such as Face ID, Touch ID, or device passcode information. This strategy ensures the security and privacy of the most confidential aspects of your iPhone.

Triangle Check meticulously examines the backup file, scrutinizing for any lingering signs of potential malware installation. The scanning process extends to various elements within the system, including but not limited to the Library/SMS/Attachments/ directory.

It specifically looks for remnants of potential malware introduced through modified attachments sent via the Messages app. The scrutiny encompasses the detection of suspicious data within .plist files, the identification of a fake malware utility known as BackupAgent, examination of sqlite3 databases, and other relevant indicators that may signify a compromise.

How to install Triangle Check

The Triangle Check Utility is available for download as a binary file compatible with both Windows and Linux. Nevertheless, the recommended approach for installation is through PyPI. This streamlined method is equally applicable to macOS users seeking to install the utility.

python -m pip install triangle_check

Usage: python -m triangle_check /path/to/iTunes_backup [backup_password]
Author Photo
Written by

Kuba has over 20 years of experience in journalism, focusing on jailbreak topics since 2012. He has interviewed professionals from Intel, Avast, Microsoft, and more. Besides journalism, Kuba specializes in video editing and drone flying. He studied IT at university before his writing career.


  • Alexander Colaço Osorio

    Alexander Colaço Osorio 2 months ago

    It would be nice if you could just ONCE be more helpful to the older alfa and gamma people if you’d be willing in future publications to help them out with easier instructions on such important issues. I have no one to help me and am depending on people who have only a little more knowledge than I do, which is a bit above zero on a scale of one to five.

    • qbap

      qbap 2 months ago

      I think you can find a better instruction here. MVT includes Triangle Check and other malware detection tools.

Post a comment

Latest Posts

Euro 2024 playlist for StrymTV

Euro 2024 playlist for StrymTV

If you love football, get ready for Euro 2024 in Germany. It’s a big event featuring top European players like Cristiano Ronaldo, Robert Lewandowski, and Kylian Mbappe. With StrymTV you can watch all the Euro 2024 group stage games on your mobile device...


Detect SeaShell malware in IPA and TIPA with TrollInstall

TrollInstall is a shortcut app that lets you install IPA and TIPA files with SeaShell protection. SeaShell is an open-source malware that can easily be injected into any IPA file installed through TrollStore. Downloading IPAs from untrusted sources can...

How to Use Proxies for mobile

How to Use Proxies for Your iOS and Android Devices: A Guide

In today's digital age, maintaining privacy and security while accessing the internet on mobile devices is essential. Proxies serve as intermediaries between your device and the internet, offering numerous benefits such as enhanced privacy, access to geo...