
Security experts have warned about the emergence of previously unknown spyware with hacking capabilities comparable to NSO Group’s Pegasus that has already been used by clients to target journalists, political opposition figures and an employee of an NGO.
Researchers at the Citizen Lab at the University of Toronto’s Munk School said the spyware, which is made by an Israeli company called QuaDream, infected some victims’ phones by sending an iCloud calendar invitation to mobile users from operators of the spyware, who are likely to be government clients. Victims were not notified of the calendar invitations because they were sent for events logged in the past, making them invisible to the targets of the hacking. Such attacks are known as “zero-click” because users of the mobile phone do not have to click on any malicious link or take any action in order to be infected.
The new revelations mark another blow to Apple, which has marketed its security features as among the best in the world. Now, Reign appears to be a new and potent threat to the integrity of the company’s mobile phones. In a statement to the Guardian, Apple said it was “constantly advancing the security of iOS” and that there was no indication that QuaDream’s exploit had been used since 2021.
Newer, stronger surveillance tools such as Reign are increasingly invasive and more difficult to protect against. What limits their deployment is the price, which can typically be paid only by nation states, who use these powerful tools to target other government officials, journalists, opposition figures and high-profile victims.
The power of phone hacking software such as this, Pegasus and Candiru must never be underestimated, as its sheer presence on a target phone can be terrifyingly invasive. Its quiet, under-the-radar delivery method enables it to monitor the vast majority of a device, and those targeted will have no idea of its presence. Once deployed to a device, Reign is extremely difficult to remove and the device will remain compromised.
The spyware is able to read messages, see real-time location data and even listen in by taking control of the microphone. It is extremely important that potential victims keep their personal phone numbers private and change them immediately if they are ever leaked. It is also imperative that they keep their phones minimal in terms of installed apps and up to date with the latest security updates to mitigate such attacks.