QuaDream, a smaller and "lower profile" surveillance vendor, is accused of hacking into iPhones around the world. Many noticed that this spyware uses a similar software exploit as the notorious NSO Group, which led to some speculations. An investigation is still underway.
According to Reuters, QuaDream is an Israeli firm that develops smartphone hacking tools for government clients. They employ sophisticated techniques called "zero-clicks" to attack a victim's iPhone.
Simply put, "zero-click" attacks mean an iPhone can be hacked even if the owner does not do anything. This is because malicious actors will exploit a vulnerability that already exists in the system to plant their digital spying tools.
iPhone Spyware: The QuaDream Attack
Experts analyzed that the intrusions engineered by NSO Group to hack iPhones last year are very similar to QuaDream's code. Both companies used the software exploit ForcedEntry to hack into iPhones. Be warned that this is a vulnerability hidden deep inside Apple's instant messaging platform. Even worse, CitizenLab security researcher Bill Marczak called QuaDream's zero-click capability "on par" with NSO's.
According to Gizmodo, QuaDream specifically attacks with a malicious code dubbed Reign. Be warned that Reign has the ability to "control of a smartphone, scooping up instant messages from services such as WhatsApp, Telegram, and Signal, as well as emails, photos, texts, and contacts, according to two product brochures from 2019 and 2020."
Evidence from the spyware firm also shows that they have "premium collection" offers. This spyware will let malicious actors gain access to real-time call recordings, camera activation for front and back, and microphone activation. Keep in mind that commands are issued remotely, so victims have no way of knowing that their iPhones are already being taken advantage of.
The potential of these dangerous codes implies that QuaDream could be a global threat to Apple users, especially since ForcedEntry and Reign are viewed as some "of the most technically sophisticated exploits" by security researchers.
Read Also: Room For Improvement? Here's 'Sunroom:' An Alternative Creator Platform That Empowers Women
NSO Group Denies Involvement with QuaDream
It is worth noting that an NSO spokeswoman told Reuters that her group "did not cooperate with QuaDream." Instead, she pointed out that "the cyber intelligence industry continues to grow rapidly globally," which implies they are not responsible or related to the growing online threat.
Spyware companies generally promote that they sell high-powered technology to governments to help them improve national defense. However, the notion is widely argued by groups and journalists who noted that spyware undermines political opposition, attacks civil society, and interferes with elections.
For now, the investigations are still ongoing. It is hard to determine whether QuaDream is related to NSO Group or not. Fans interested in the development are recommended to watch out for possible updates.
Lastly, it is worth mentioning that Apple fixed its underlying vulnerabilities in September 2021. Ideally, this should mean that both NSO and QuaDream attacks are no longer effective at the time of writing.
Related Article: NSO Group Allegedly Offered 'Bags of Cash' to Access US Networks: An Investigation is Underway