
Israeli Spyware Vendor QuaDream to Shut Down Following Citizen Lab and Microsoft Expose

2023-04-17 16:32:00
The Hacker News
thehackernews.com

Israeli spyware vendor QuaDream is allegedly shutting down its operations in the coming days, less than a week after its hacking toolset was exposed by Citizen Lab and Microsoft.

The development was reported by the Israeli business newspaper Calcalist, citing unnamed sources, adding the company “hasn’t been fully active for a while” and that it “has been in a difficult situation for several months.”

The company’s board of directors is looking to sell off its intellectual property, the report further added.

QuaDream, which specializes in hacking Apple devices using techniques that don’t require any action on the part of the victim, is also said to have fired all its employees, with the firm undergoing significant downsizing, according to Haaretz and The Jerusalem Post.

News of the purported shutdown comes as the firm’s spyware framework – dubbed REIGN – was outed as having been used against journalists, political opposition figures, and NGO workers across North America, Central Asia, Southeast Asia, Europe, and the Middle East.

Microsoft described REIGN as a “suite of exploits, malware, and infrastructure designed to exfiltrate data from mobile devices.”

The attacks entailed the exploitation of a now-patched flaw in iOS to deploy sophisticated surveillanceware capable of surreptitiously gathering sensitive information, including audio, pictures, passwords, files, and locations.

Apple told The Hacker News last week that there was no indication to suggest that the exploit, codenamed ENDOFDAYS, had been put to use since the company released iOS 14.4.2 in March 2021.

QuaDream, like its Israeli counterparts NSO Group and Candiru, is a private-sector offensive actor (PSOA) that markets end-to-end hacking tools for use by its customers to run their targeted cyber operations.

While the company has largely managed to stay in the shadows, Haaretz reported in June 2021 that its spyware technology was sold to Saudi Arabia to carry out zero-click attacks against targets of interest.

Then last year, Reuters revealed that QuaDream had independently developed an exploit to break into iPhones in a manner that’s comparable to the one provided by NSO Group by leveraging a flaw in iMessage. Apple addressed the vulnerability in September 2021.

The upcoming closure also comes a little over a month after Haaretz shed light on a previously unknown Israeli cyber mercenary company called NFV Systems for selling its surveillance technologies to foreign countries without obtaining a license from the Ministry of Defense.
