Security News > 2023 > April > Israel-based Spyware Firm QuaDream Targets High-Risk iPhones with Zero-Click Exploit

It's also suspected that the company abused a zero-click exploit dubbed ENDOFDAYS in iOS 14 to deploy spyware as a zero-day in version 14.4 and 14.4.2.

While QuaDream is not directly involved in targeting, it is known to sell its "Exploitation services and malware" to government customers, the tech giant assessed with high confidence.

Despite attempts made by the spyware to cover its tracks, the interdisciplinary laboratory said it was able to uncover unspecified traces of what it calls the "Ectoplasm Factor" that could be used to track QuaDream's toolset in the future.

In February 2022, Reuters reported that the company weaponized the FORCEDENTRY zero-click exploit in iMessage to deploy a spyware solution named REIGN. Then in December 2022, Meta disclosed that it took down a network of 250 fake accounts on Facebook and Instagram controlled by QuaDream to infect Android and iOS devices and exfiltrate personal data.

The development is yet another indication that despite the notoriety attracted by NSO Group, commercial spyware firms continue to fly under the radar and develop sophisticated spyware products for use by government clients.

Calling the growth of mercenary spyware companies as a threat to democracy and human rights, Microsoft said combating such offensive actors requires a "Collective effort" and a "Multistakeholder collaboration."

News URL

https://thehackernews.com/2023/04/israel-based-spyware-firm-quadream.html