Israel-based QuaDream has reportedly closed its office after a piercing analysis of its operation developing and selling mercenary spyware tools.
Last week, researchers at Citizen Lab and Microsoft jointly blew the lid off QuaDream’s Reign malware infecting the iPhones of at least five civil society members during the vulnerable days of iOS 14, dating back to 2021.
According to the analysis, the exploit used in Reign– dubbed ENDOFDAYS – leveraged inherent vulnerabilities in iOS 14 to feed victims tainted iCloud calendar invitations with no indication of anything amiss.
With the malware deployed onto victims’ iPhones, attackers could listen to and record phone calls, take recordings with the phone’s built-in microphone, take pictures through the device’s front and back camera, track the victim’s location, and relay all the information back to command and control.
The targets are said to be journalists, political opposition figures and other individuals across North America, Central Asia, Southeast Asia, Europe and the Middle East. The victims themselves were not named in the reports.
Sources close to Catalisttech now say QuaDream has shut down its office and is on track to cease operations, as the analysis into its activity cast a bad light on what was already seen as a shady business.
Microsoft Associate General Counsel Amy Hogan-Burney told the news outlet that mercenary hacking groups like QuaDream “thrive in the shadows” and that publicly outing them was “essential to stopping this activity.”
“According to sources, the company has been in a difficult situation for several months, and the research was the last nail in its coffin,” reads the report. “The company hasn't been fully active for a while and it is believed that there are only two employees left in its offices whose job it is to look after the computers and other equipment. At the same time, the board of directors is trying to sell the company's intellectual property.”
Spyware developers have been taking heat from the US government, with the Biden administration announcing an executive order meant to stop the use of surveillance software by US agencies if said software is also used by repressors.
In 2021, Apple sued Israeli spyware developer NSO Group over its Pegasus malware amid a track record of putting surveillance tools in the wrong hands, allegedly letting oppressive regimes spy on their people.
Microsoft researchers noted last week that the captured samples of QuaDream’s malware targeted iOS devices, specifically iOS 14, but that there were indications some of the code could also be used on Android handsets.
tags
Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.
View all postsDecember 19, 2024
November 14, 2024