A new type of spyware has been discovered being sold to various governments throughout the world and is meant to be used to spy mainly on journalists, activists, and political opponents. Here’s what we know so far and how you can make sure your devices are always protected.
Table of Contents:
What is this new spyware?
A new report from Citizen Lab revealed that the spyware, which has been given the name Reign, is used to monitor the activities of targeted high-profile individuals. The Microsoft Threat Intelligence team was able to analyze the spyware and found that it was provided by the Israeli company QuaDream.
MORE: BEWARE OF NEW MACSTEALER MALWARE THAT CAN STEAL YOUR ICLOUD KEYCHAIN DATA AND PASSWORDS
How does Reign attack people’s devices?
The spyware reaches all these devices through what is known as the “Endofdays” iOS 14 zero-click exploit. This uses backdated iCloud calendar invites that when sent to targeted people are automatically accepted. Once the invitation is on a person’s device, spyware operators can access multiple iOS features. Hackers can get to your audio recordings of calls, iPhone microphone and camera access, access to the iPhone Files app, iPhone location tracking, generation of iCloud 2FA passwords, and more.
How was Reign discovered?
Reign was discovered because it comes with a feature that ironically was supposed to help it remain undiscoverable. The feature was one of self-destruction where Reign could remove traces of itself on a device so that no one would be able to find it. However, this ended up helping research teams in identifying when a target was attacked.
MORE: TOP BROWSERS TARGETED BY NEW MALWARE TO STEAL YOUR SENSITIVE DATA
It is believed by Citizen Lab that QuaDream’s spyware has been linked to over 600 servers and 200 domains since late 2021. The company also believes that QuaDream spyware is currently operating in the following countries:
- Czech Republic
- Hungary
- Ghana
- Bulgaria
- Romania
- Israel
- Mexico
- United Arab Emirates (UAE)
- Uzbekistan
- Singapore
How can I protect myself from spyware?
Although Reign has not yet been detected as a threat to the U.S. government, and it doesn’t seem to be targeting citizens with low-profile statuses, it’s important that you still know how to protect yourself from spyware.
Have good antivirus software on all your devices
Find my review of Best Antivirus Protection here.
For more of my security alerts, subscribe to my free CyberGuy Report Newsletter here
Related:
- Beware of new MacStealer Malware that can steal your iCloud Keychain data and passwords
- Top browsers targeted by new malware to steal your sensitive data