A study published today by Citizen Labin collaboration with the Microsoftraises the debate regarding the incidence of a new spyware comparable to NSO Group’s Pegasus. christening of Reignthe spy program is developed by the Israeli company QuaDream and infects smartphones by sending invitations to iCloud calendars.
Still according to the survey, at least five victims of civil society were located, among them journalists, political opposition figures and NGO employees. The study also reports that the presence of spyware it is already widespread in North America, Central Asia, Southeast Asia, Europe and the Middle East.
Upon being infected, victims do not even notice any strange behavior. That’s because the malicious program sends calendar invites for events in the past, not displaying notifications for them. Since user interaction is not required for infection to occur, it is called zero-click.
The report also says that the spyware can perform several actions autonomously. These are just a few: recording ambient and call audio, taking pictures with the front and rear camera, tracking the device’s location, performing file library operations, and searching for files that match specific characteristics.
Citizen Lab found QuaDream servers in countries such as Bulgaria, Czech Republic, Hungary, Ghana, Israel, Mexico, Romania and Singapore. The targets, according to the survey, are iPhones that run from the first iOS to version 14.4.2. All attacks would have happened between January and November 2021.
wanted by The GuardianApple said, in a note, that it is “consistently advancing iOS security” and that there is no indication that this spyware by QuadDream has been used since 2021.
The company also said that attacks like those revealed by the report cost millions to develop, have a short lifespan and are used to target specific individuals “because of who they are or what they do”.
Finally, Apple said that the vast majority of iPhone users will never fall victim to highly targeted cyberattacks and that it works “tirelessly” to protect the small number of users that do.
QuaDream, on the other hand, was contacted by Citizen Lab to explain the questions raised by the survey, but until the last update of this article, the company had not positioned itself.
via TechCrunch
