Apple iPhone malfunction exploited by Israel’s second spy agency

A.D. Five people familiar with the case say that Apple Corps’ software malfunction, which was used to hack into the Israeli spy agency NOSO Group in 2021, was attacked by a rival company at the same time.

According to sources, QuaDream is a small and low profile Israeli company that also manufactures smartphone devices intended for government customers.

The two competing businesses had the same potential last year, according to five sources. The two companies’ use of the same advanced hacking technique – known as “zero-click” – indicates that phones are more vulnerable to powerful digital spy devices than the industry, says one expert.

“People want to believe it’s safe, and phone companies want you to believe it’s safe. But they are not the only ones we have learned, ”said Dave Itelle, partner of cyber security firm Cordissipes Systems.

Experts who have analyzed the attacks on NSO Group and Quadrim since last year believe that the two companies have used software exploits known as ForedEntry to hack into iPhones.

Exploitation is a computer code designed to exploit a specific set of software vulnerabilities that provide unauthorized access to hackers.

Analysts believe the NSO and QuaDream exploits are similar because they use multiple of the same vulnerabilities hidden in Apple’s instant messaging platform and use a similar method to install malware on target devices, according to three sources.

Bill Markzack, a digital surveillance citizen and security researcher for both companies, told Reuters that Quadrimim’s zero clicks appeared to be on par with NSO.

Reuters has repeatedly made inquiries to QuaDream, sending messages to executives and business partners. A Reuters reporter visited the Quadrimim office in Tel Aviv’s Ramat Gan area last week, but no one answered. The email did not respond to repeated requests from Israeli lawyer Vibeke Dank, listed on the QuaDream Enterprise Registration Form.

An Apple spokesman declined to comment on QuaDream, nor did it comment on any plans to take action against the company.

ForcedEntry is considered one of the “most technically advanced exploits” by security researchers.

The two versions of ForcedEntry were the same, with two people familiar with the matter stating that Apple fixed the defects in September 2021, making both NSO and Quadrimim spy software ineffective.

A NSO spokesman said in a statement:

Apple sues NSO team in ForcedEntry in November, NSO breaches Apple terms and conditions The case is still in its infancy.

Apple said in a statement that it had “successfully and successfully prevented various hacking attempts.” NSO denies any wrongdoing.

Spyware companies have long argued that governments sell high-tech technology to help them deal with national security threats. However, human rights groups and journalists have repeatedly reported using spyware to attack civil society, weaken political opposition, and intervene in elections.

Apple announced thousands of ForcedEntry targets in November, making it clear that elected officials, journalists and human rights activists around the world were under surveillance.

In Uganda, for example, the NSO ForcedEntry was used to spy on American diplomats, Reuters reported.

In addition to Apple, Meta WhatsApp is also suing over allegations of malware. In November, the NSO entered the U.S. Department of Commerce’s blacklist on human rights issues.

Unlike NSO, QuaDream serves some of the same government clients, but has a lower profile. The company does not have a website that does not know what it is doing, and its employees have been told not to make any reference to their employer outside of social media, said a source familiar with the company.

buy now

QuaDream was founded in In 2016, former Israeli military official Ilan Dabelstein and two former NSO staffers, Guy Geva and Nimrod Reznik, were the two men who knew Israel’s corporate records and business. Reuters could not reach the three executives for comment.

Like NSO’s Pegasus Spyware, Quadrimim’s flagship product – called REIGN – can control the smartphone by collecting instant messages from services such as WhatsApp, Telegram and Signal, as well as emails, photos, texts and contacts based on two product brochures. Reviewed by Reuters from 2019 and 2020.

REIGN’s “Premium Collection” capabilities include “real-time call recordings”, “camera activation – front and back” and “microphone activation”, says one brochure.

Prices appeared to vary. According to a 2019 brochure, a $ 2.2 million quadrim system, which allows customers to start smashing their smartphones, would cost $ 2.2 million. Two people who know about software sales say that REIGN prices are typically higher.

According to three people familiar with the matter, QuaDream and NSO Group have hired some similar engineering talents over the years. Two of these sources did not cooperate with their iPhone hackers, creating their own way to exploit vulnerabilities.

Several QuaDream buyers are linked to the NSO, and four sources – including Saudi Arabia and Mexico – have been accused of using spy software to attack political opponents.

Two of the sources said that the Singapore government was one of Quadrim’s first customers, and documents reviewed by Reuters also showed that the company’s intelligence technology had been handed over to the Indonesian government. Reuters did not know if Indonesia could be a customer.

Officials in Mexico, Singapore, Indonesia, and Saudi Arabia have not responded to QuaDream’s comments.


Leave a Comment