Thursday, May 16, 2024

Vogon Today

Selected News from the Galaxy

StartMag

Not just Pegasus, iPhones spied on by another Israeli company

2 years ago babelfish

Not just Pegasus, iPhones spied on by another Israeli company

After Nso Group, a new Reuters report revealed that another Israeli company has been hacking iPhones for more than five years

Israeli company Nso Group wasn't the only one to exploit a flaw in Apple's software to enter iPhones in 2021.

A new Reuters report revealed that Israeli firm QuaDream has been hacking iPhones for more than five years, allowing access to users' microphones, front and rear cameras, and monitoring calls in real time.

According to Reuters , QuaDream's flagship product is called "Reign" and the company sold its hacks to the highest bidder. Reign could remotely take control of any iPhone without users' knowledge.

The discovery follows that of the Israeli cyber weapons company Nso Group and its software "Pegasus" , which hacked iPhones from 2016 until the media case around the world "exploded". Meanwhile, Apple announced in November that it had filed a lawsuit against the Nso Group.

All the details.

WHAT IS THE ISRAELIAN COMPANY QUADREAM

QuaDream, the sources say, is a smaller, lower-profile Israeli company that also develops smartphone hacking tools for government customers.

According to company documents and Reuters sources, QuaDream was founded in 2016 by Ilan Dabelstein, a former Israeli military officer, and two former NSO employees, Guy Geva and Nimrod Reznik.

"Unlike Nso, QuaDream has kept a lower profile," Reuters points out. "The company does not have a website advertising its business and employees have been told to keep any references to their employer off social media, according to a person familiar with the company."

THE HACKING METHODS

Both Nso and QuaDream are believed to have used similar hacking methods (known as ForcedEntry) and both were "zero click" hacks. This means that they work without the user having to click on a URL, usually sent via an unsolicited SMS or email, something that users are increasingly aware of. In short, if targeted, there was no way to avoid either hack.

THE REIGN PRODUCT

Like NSO's Pegasus spyware, QuaDream's flagship product is Reign. According to two product brochures from 2019 and 2020 reviewed by Reuters , the software could take control of a smartphone, collecting instant messages from services like WhatsApp, Telegram and Signal, as well as emails, photos, texts and contacts.

THE PRICE OF THE SPY SOFTWARE

According to the 2019 brochure, a QuaDream system, which allegedly offered customers the ability to launch 50 smartphone break-ins per year, was offered for $ 2.2 million net of maintenance costs. However, two sources revealed to Reuters that Reign's price was generally higher.

HACKING BLOCKED BY IOS 14.8?

Since Reign uses a Pegasus-like exploit method, the attack is believed to have been reversed by a security patch released by Apple in iOS 14.8. Despite this, Reuters reports that an Apple spokesperson declined to comment on QuaDream and did not say what (if any) action it intends to take.

THE COMMENT OF THE EXPERTS

The fact that two companies used the same sophisticated hacking technique, known as "zero-click", shows that phones are more vulnerable to powerful digital spying tools than the industry can admit, an expert told Reuters .

Speaking to Reuters , Dave Aitel of cybersecurity firm Cordyceps Systems issued a stern warning: “People want to believe they are safe and phone companies want you to believe they are. What we have learned is that they are not ”.

“Android or iOS for your company? Forget it, zero trust. Apple wants you to believe you are safe with their iPhone. What we have learned is that we are not, ”commented Nicola Vanin, Cdp's Chief Information Security Officer, on LinkedIn .

This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/innovazione/non-solo-pegasus-iphone-spiati-da-unaltra-societa-israeliana/ on Wed, 09 Feb 2022 06:10:56 +0000.