Another Israeli spy company exploited Apple iPhone error: Report

Experts analyzing the NSO Group and QuaDreams intrusion believe the companies used similar software, known as ForcedEntry, to hijack iPhones.

The Apple software bug, which was exploited in 2021 by the Israeli surveillance company NSO Group to break into iPhones, was simultaneously abused by a competing company, Reuters reported with reference to sources.

QuaDream is a small Israeli company that develops smartphone hacking tools for public customers, the sources said.

The two companies were given the opportunity to break into iPhones remotely, the five sources said, compromising the devices without the owner opening a malicious link. That the two companies used the same sophisticated ‘zero-click’ hacking technique shows that phones are more vulnerable to digital espionage than the industry will admit, an expert said. Reuters.

“People want to think they’re safe, and telephone companies want you to think they’re safe,” said Dave Aitel, a partner at cybersecurity firm Cordyceps Systems.

Also read | Apple iPhone 13 available with up to 11,000 Rs discount: Where, how to take advantage of the offer

“What we’ve learned is that they are not.”

Experts analyzing the NSO Group and QuaDreams intrusion believe the companies used similar software, known as ForcedEntry, to hijack iPhones.

An exploit is a computer code that exploits specific software vulnerabilities and gives hackers access to data.

Analysts believe the exploits of the two companies were similar because they exploited many of the same vulnerabilities in Apple’s instant messaging platform, three sources said.

Bill Marczak, a security researcher at Citizen Lab, said QuaDream’s zero-click capability appeared to be on par with the NSO group’s.

ForcedEntry is among the most technically sophisticated exploits captured by security researchers.

Two of the sources said that the two companies’ ForcedEntry was so similar that after Apple fixed the bugs in September 2021, it made both of their spyware ineffective.

In November, Apple sued NSO Group over ForcedEntry, claiming it had violated the company’s terms of service and service agreement. That same month, Apple announced thousands of ForcedEntry targets, including journalists, elected officials and human rights workers around the globe.

QuaDream was founded by former Israeli military official Ilan Dabelstein and two former NSO employees Guy Geva and Nimrod Reznik in 2016, according to Israeli business records.

Also read | Meta reports the first quarterly fall in user base ever, $ 200 billion in market value obliterated as the stock falls

Like the NSO group’s Pegasus spyware, QuaDream’s product – REIGN – could take control of a smartphone device, scoop instant messages from Signal, Telegram and WhatsApp, as well as images, emails, contacts and texts.

A QuaDream system that allows 50 smartphone burglaries a year was offered for $ 2.2 million, excluding maintenance costs, Reuters reported.

Financial Express Telegram Financial Express is now on Telegram. Click here to subscribe to our channel and stay up to date with the latest Biz news and updates.

Give a Comment