Reign Spyware: This Pegasus-Like Spyware Targets iPhones Using Zero-Click Exploit

Main Image
  • Like
  • Comment
  • Share

The Citizen Lab at the Munk College of the University of Toronto has uncovered another dangerous spyware tool that has been sold to governments around the world. Reign, developed by Israeli company QuaDream, shares destructive capabilities similar to Pegasus, which was infamous for its use in spying on political adversaries, activists, and journalists. Reign is capable of infecting devices and transmitting data without the user’s knowledge.

Reign has been sold to governments, including Singapore, Saudi Arabia, Mexico, and Ghana, with others like Indonesia and Morocco being pitched as potential buyers. The spyware has been used to monitor political opposition figures, journalists, and others in various regions, including North America, Central Asia, Southeast Asia, Europe, and the Middle East.

Apple i-Cloud

Reign uses iOS 14 zero-click exploit

According to Citizen Lab’s analysis, Reign was deployed using a suspected iOS 14 zero-click exploit, dubbed “Endofdays.” This allowed the spyware to infect devices without any interaction or input from the user. The exploit used invisible iCloud calendar invitations sent to victims, making it difficult to detect.Once Reign is installed on a device, it grants a significant amount of access to iOS and iPhone components, similar to Pegasus. These components include:

  • Recording audio of calls
  • Recording audio from the microphone
  • Taking photos with the camera
  • Exfiltrating and removing items from the Keychain
  • Generating iCloud 2FA passwords
  • Searching through files and databases on the device
  • Tracking the device’s location
  • Cleaning up traces of the software to avoid detection

Reign also includes a self-destruct feature that removes traces of the spyware, but this feature also helps researchers to identify if a victim was attacked using the surveillance tool.

The Israeli company QuaDream, which created the Reign spyware tool, has managed to evade detection by actively hiding its operations. However, a legal dispute with InReach, a Cyprus-based entity that sells QuaDream’s products outside of Israel, has provided researchers with crucial insights into the company’s officers and operations. According to the report by Citizen Lab, QuaDream shares common roots with NSO Group and other entities within the Israeli commercial spyware industry and government intelligence agencies.

The findings underscore the need for ongoing scrutiny of the mercenary spyware industry, which is far larger than any single company. Researchers and potential targets must remain vigilant in the face of such threats, which can compromise privacy, freedom of speech, and democratic institutions.

You can follow Smartprix on TwitterFacebookInstagram, and Google News. Visit smartprix.com for the most recent newsreviews, and tech guides.

Aryan VyasAryan Vyas
Aryan is the youngest tech enthusiast at Smartprix, with a deep passion for technology, automobiles, cricket, and Bollywood. He is a meticulous researcher and writer who write on a wide range of tech topics, including smartphones, laptops, wearables, and smart home device.


Related Articles

ImageApple Watch Series 10: Larger Display, Thinner Body, And Everything Else We Know

Later this year, Cupertino-based tech giant Apple will host one of the most awaited technological events in the world. The September launch event will witness the company unveiling the iPhone 16 lineup, including the regular and Pro models, and along with it, the Apple Watch Series 10 (and possibly a new Apple Watch Ultra). Most …

ImageApple to introduce ‘lockdown mode’ to thwart extreme cyberattacks like Pegasus

Summary: Apple will soon introduce a new feature called “Lockdown Mode” to prevent cyberattacks such as NSO Group’s Pegasus on Apple devices. Apple recorded instances of cyberattacks using spyware to do surveillance on users across 150 countries and thus, decided to up its game against such practices with the lockdown mode that prevents such attempts …

ImageGIMS is the Indian Govt’s WhatsApp alternative for Official Communication

Whatsapp hacks and privacy concerns have been headlining in recent times. But, the latest cases of Jeff Bezos and Israel NSO spy technology are deeply alarming. If thousands of high-profile users, including someone like Bezos, can be vulnerable, then what’s even data security for a civilian. In light of these concerns, the Government of India …

ImageApple rolls out iOS 16.6.1 security update to fix Pegasus exploit

If your iPhone is notified of an incoming iOS 16.6.1, it’s high time that you get the update ASAP. Turns out Apple acknowledged a critical security issue with its iOS update after Citizen Lab, a spyware research group, notified the tech giant of an exploit that could allow NSO Group’s Pegasus spyware to infiltrate. Fortunately, …

ImageRealme 12 5G To Come With An iPhone-Like Dynamic Button: Check More Details Here

Remember the Action Button from the iPhone 15 Pro series? The programmable button can be used for several tasks, such as enabling/disabling a setting, putting the iPhone in silent mode, turning on the flashlight, etc. It is a pretty nifty addition to the iPhone 15 Pro lineup, allowing users to customize their overall experience. Well, …

Discuss

Be the first to leave a comment.

Related Products