Mercenary spyware hacked iPhone victims with rogue calendar invites

Share via:

Hackers using spyware created by a little-known cyber mercenary firm used malicious calendar invites to hack the iPhones of journalists, political opposition figures, and an NGO worker.

Microsoft researchers and the digital rights organisation Citizen Lab examined malware samples purportedly created by QuaDream, an Israeli spyware maker known for developing zero-click exploits — hacking tools that do not require the target to click on malicious links — for iPhones.

Until recently, QuaDream was mostly able to fly under the radar. The Israeli newspaper Haaretz reported in 2021 that QuaDream had sold its wares to Saudi Arabia. The following year, Reuters reported that QuaDream sold a similar iPhone hacking exploit to NSO Group, and that while the company does not operate the spyware, its government customers do — a common practise in the surveillance tech industry.

According to Citizen Lab internet scans, QuaDream’s customers operated servers in the following countries: Bulgaria, Czech Republic, Hungary, Romania, Ghana, Israel, Mexico, Singapore, United Arab Emirates (UAE), and Uzbekistan.

Microsoft stated that it discovered the original malware samples and shared them with Citizen Lab’s researchers, who were able to identify more than five victims whose iPhones were hacked, including an NGO worker, politicians, and journalists. The exploit used to hack those targets was created for iOS 14 and was unpatched and unknown to Apple at the time, making it a so-called zero-day. According to Citizen Lab, the government hackers who were equipped with QuaDream’s exploit delivered the malware via malicious calendar invites with dates in the past.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Sreejit Kumar
Sreejit Kumar
Hi, I'm Sreejit Kumar, a journalist with a Master's degree in Journalism. Through my education and professional experience, I have developed a keen eye for detail and a passion for uncovering the truth. As an author for this news website, I am committed to delivering accurate, timely, and engaging stories that inform and entertain our readers.

Popular

More Like this

Mercenary spyware hacked iPhone victims with rogue calendar invites

Hackers using spyware created by a little-known cyber mercenary firm used malicious calendar invites to hack the iPhones of journalists, political opposition figures, and an NGO worker.

Microsoft researchers and the digital rights organisation Citizen Lab examined malware samples purportedly created by QuaDream, an Israeli spyware maker known for developing zero-click exploits — hacking tools that do not require the target to click on malicious links — for iPhones.

Until recently, QuaDream was mostly able to fly under the radar. The Israeli newspaper Haaretz reported in 2021 that QuaDream had sold its wares to Saudi Arabia. The following year, Reuters reported that QuaDream sold a similar iPhone hacking exploit to NSO Group, and that while the company does not operate the spyware, its government customers do — a common practise in the surveillance tech industry.

According to Citizen Lab internet scans, QuaDream’s customers operated servers in the following countries: Bulgaria, Czech Republic, Hungary, Romania, Ghana, Israel, Mexico, Singapore, United Arab Emirates (UAE), and Uzbekistan.

Microsoft stated that it discovered the original malware samples and shared them with Citizen Lab’s researchers, who were able to identify more than five victims whose iPhones were hacked, including an NGO worker, politicians, and journalists. The exploit used to hack those targets was created for iOS 14 and was unpatched and unknown to Apple at the time, making it a so-called zero-day. According to Citizen Lab, the government hackers who were equipped with QuaDream’s exploit delivered the malware via malicious calendar invites with dates in the past.

Disclaimer

We strive to uphold the highest ethical standards in all of our reporting and coverage. We StartupNews.fyi want to be transparent with our readers about any potential conflicts of interest that may arise in our work. It’s possible that some of the investors we feature may have connections to other businesses, including competitors or companies we write about. However, we want to assure our readers that this will not have any impact on the integrity or impartiality of our reporting. We are committed to delivering accurate, unbiased news and information to our audience, and we will continue to uphold our ethics and principles in all of our work. Thank you for your trust and support.

Sreejit Kumar
Sreejit Kumar
Hi, I'm Sreejit Kumar, a journalist with a Master's degree in Journalism. Through my education and professional experience, I have developed a keen eye for detail and a passion for uncovering the truth. As an author for this news website, I am committed to delivering accurate, timely, and engaging stories that inform and entertain our readers.

More like this

SIAM Promotes Safe Mobility with 9th Inter-School Competition on...

SIAM Promotes Safe Mobility with 9th Inter-School Competition on...

Google, Intel discuss expanding strategic partnerships in Saudi Arabia

Global tech giants Google and Intel discussed with Saudi...

Mozambique Cyber Revolution Summit 2024 – Cybersecurity Innovations: Leading...

We TraiCon Events will be hosting Mozambique’s premier cybersecurity...

Popular

Upcoming Events

Startup Information that matters. Get in your inbox Daily!