Spyware Attack Targets iPhone Users with Rogue Calendar Invites, Cybersecurity Researchers Find

Share via:

QuaDream is an Israeli cyber mercenary company that reportedly develops zero-click exploits for iPhones, which are hacking tools that don’t require the target to click on malicious links. Microsoft and digital rights group Citizen Lab analyzed samples of malware they say was created by QuaDream and found that the company’s customers operated servers from several countries around the world, including Bulgaria, Czech Republic, Hungary, Romania, Ghana, Israel, Mexico, Singapore, United Arab Emirates (UAE), and Uzbekistan, according to internet scans done by Citizen Lab.

In March 2021, Microsoft discovered that QuaDream’s customers used malicious calendar invites with dates in the past to deliver the malware to at least five victims, including an NGO worker, politicians, and journalists. The exploit used to hack those targets was developed for iOS 14, and at the time was unpatched and unknown to Apple, making it a so-called zero-day.

QuaDream’s malware has a final payload that records phone calls, records audio using the phone’s microphone surreptitiously, takes pictures, steals files, tracks the person’s granular location, and deletes forensic traces of its own existence, among other functionalities, according to Citizen Lab and Microsoft.

Citizen Lab researchers also claimed that QuaDream uses a Cyprus-based company called InReach to sell its products, allowing them to bypass Israeli export regulations. A person who has worked in the spyware industry confirmed to TechCrunch that QuaDream used InReach “to bypass the Israeli [export] regulator.”

The discovery of QuaDream’s malware shows that the spyware industry, once dominated by Hacking Team and FinFisher, is not only made up of NSO Group but several other companies, most of which are still flying under the radar.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Sarthak Luthra
Sarthak Luthra
Hey, there! I am the tech guy. I get things running around here and I post sometimes. ~ naam toh suna hi hoga, ab kaam bhi dekhlo :-)

Popular

More Like this

Spyware Attack Targets iPhone Users with Rogue Calendar Invites, Cybersecurity Researchers Find

QuaDream is an Israeli cyber mercenary company that reportedly develops zero-click exploits for iPhones, which are hacking tools that don’t require the target to click on malicious links. Microsoft and digital rights group Citizen Lab analyzed samples of malware they say was created by QuaDream and found that the company’s customers operated servers from several countries around the world, including Bulgaria, Czech Republic, Hungary, Romania, Ghana, Israel, Mexico, Singapore, United Arab Emirates (UAE), and Uzbekistan, according to internet scans done by Citizen Lab.

In March 2021, Microsoft discovered that QuaDream’s customers used malicious calendar invites with dates in the past to deliver the malware to at least five victims, including an NGO worker, politicians, and journalists. The exploit used to hack those targets was developed for iOS 14, and at the time was unpatched and unknown to Apple, making it a so-called zero-day.

QuaDream’s malware has a final payload that records phone calls, records audio using the phone’s microphone surreptitiously, takes pictures, steals files, tracks the person’s granular location, and deletes forensic traces of its own existence, among other functionalities, according to Citizen Lab and Microsoft.

Citizen Lab researchers also claimed that QuaDream uses a Cyprus-based company called InReach to sell its products, allowing them to bypass Israeli export regulations. A person who has worked in the spyware industry confirmed to TechCrunch that QuaDream used InReach “to bypass the Israeli [export] regulator.”

The discovery of QuaDream’s malware shows that the spyware industry, once dominated by Hacking Team and FinFisher, is not only made up of NSO Group but several other companies, most of which are still flying under the radar.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Website Upgradation is going on for any glitch kindly connect at office@startupnews.fyi

Sarthak Luthra
Sarthak Luthra
Hey, there! I am the tech guy. I get things running around here and I post sometimes. ~ naam toh suna hi hoga, ab kaam bhi dekhlo :-)

More like this

Data Management Maestro, The Expertise and Leadership of Siva...

New Delhi (India) April 3: Siva Karthik Devineni, a...

Meta pauses plans to train AI using European users’...

Meta has confirmed that it will pause plans...

KreditBee Subsidiary KB NBFC Raises $32 Mn In Debt...

SUMMARY KB NBFC raised the debt funding from Yubi,...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!