Security News > 2022 > February > QuaDream, 2nd Israeli Spyware Firm, Weaponizes iPhone Bug
ForcedEntry - the exploit of a zero-click iMessage zero day that circumvented Apple's then-brand-new BlastDoor security feature starting a year ago - was picked apart not just by NSO Group with its Pegasus spyware but also by a newly uncovered, smaller smartphone-hacking toolmaker named QuaDream.
Two sources also said that QuaDream and NSO Group came up with the iPhone exploit techniques on their own, separately - as opposed to collaborating.
Some of the activists were attacked with what Citizen Lab came to call the 2021 ForcedEntry exploit, while others' devices were remotely exploited and infected with spyware by the 2020 KISMET exploit: another zero-click iMessage exploit.
According to Reuters, the firm was founded in 2016 by Ilan Dabelstein, a former Israeli military official, and by two former NSO employees, Guy Geva and Nimrod Reznik.
Citizen Lab security researcher Bill Marczak, who's been studying both companies' tools, told Reuters that the zero-click capability of QuaDream's flagship product - called REIGN - seems "On par" with NSO's Pegasus spyware.
The outlet's sources said that QuaDream and NSO Group share several buyers, including Saudi Arabia and Mexico, both of which are among the many governmental Pegasus buyers that have been accused of illegally using spyware to target political opponents.
News URL
https://threatpost.com/quadream-israeli-spyware-weaponized-iphone-bug/178252/