iPhones hacked via invisible calendar invites to drop QuaDream spyware (April 2023)
Microsoft and Citizen Lab discovered commercial spyware made by the Israel-based company QuaDream that was used to compromise the iPhones of high-risk individuals through a zero-click exploit named ENDOFDAYS. The attackers targeted a zero-day vulnerability affecting iPhones running iOS 1.4 up to 14.4.2 between January 2021 and November 2021, using what Citizen Lab described as backdated and "invisible iCloud calendar invitations."
Compromised devices belonged to "at least five civil society victims of QuaDream's spyware and exploits in North America, Central Asia, Southeast Asia, Europe, and the Middle East," Citizen Lab researchers said.
"We found that the spyware also contains a self-destruct feature that cleans up various traces left behind by the spyware itself," Citizen Lab said.
Based on Citizen Lab's analysis, the spyware comes with a wide range of "features," from recording environmental audio and calls to allowing the threat actors to search the victims' phones.
One year ago, Citizen Lab also revealed details on a zero-click iMessage exploit that was used to install NSO Group spyware on the iPhones of Catalan politicians, journalists, and activists.
Commercial spyware provided by surveillance tech providers such as NSO Group, Cytrox, Hacking Team, and FinFisher has been repeatedly deployed on Android and iOS devices vulnerable to zero-day flaws.