Second Israeli Spyware Business Exploited iPhone Zero-Click Vulnerabilities

Another Israeli electronic surveillance business used the same techniques as NSO Group to hack into iPhones, reports Reuters. QuaDream is smaller than their better-known rivals and consciously chooses to keep a low profile by having no website and instructing staff never to mention their employer on social media. Nevertheless, QuaDream’s sales brochures indicate their spyware offers all the same features as NSO Group’s Pegasus product and was sold for a similar price.

…QuaDream’s flagship product – called REIGN – could take control of a smartphone, scooping up instant messages from services such as WhatsApp, Telegram, and Signal, as well as emails, photos, texts and contacts, according to two product brochures from 2019 and 2020 which were reviewed by Reuters.

REIGN’s “Premium Collection” capabilities included the “real time call recordings”, “camera activation – front and back” and “microphone activation”, one brochure said.

Prices appeared to vary. One QuaDream system, which would have given customers the ability to launch 50 smartphone break-ins per year, was being offered for $2.2 million exclusive of maintenance costs, according to the 2019 brochure.

QuaDream and NSO Group independently devised ways to exploit the same FORCEDENTRY vulnerability with iPhones. This meant spyware could be installed on an iPhone without needing to trick the victim into pressing any buttons. The vulnerability was disclosed by Citizen Lab, an interdisciplinary team at the University of Toronto. Apple updated the iPhone’s operating systems to fix the vulnerability in September 2021.

Sources told Reuters that QuaDream’s spyware has been sold to the governments of Saudi Arabia, Mexico and Singapore. Research by Citizen Lab has already confirmed that both the Saudi and Mexican governments have used spyware for multiple human rights abuses.

You can read the Reuters exclusive for this story by clicking here.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.