Not only Pegasus by NSO Group, another Israeli spy firm also ‘hacked’ iPhone

WASHINGTON: Apple’s software, exploited by Israeli surveillance firm NSO Group to break into iPhones in 2021, was simultaneously abused by a competing company, according to five people familiar with the matter.

QuaDream, the sources said, is a small and low-profile Israeli firm that also develops smartphone hacking tools for government customers.

According to the five sources, the two rival businesses gained the same ability to remotely break into iPhones last year, meaning both firms could compromise Apple phones without an owner needing to open a malicious link. One expert said the fact that the two firms employed the same sophisticated hacking technique – known as “zero-click” – indicates that phones are more vulnerable to powerful digital spying tools than the industry has acknowledged.

“People want to believe they’re safe, and phone companies want you to believe they’re safe. What we’ve learned is they haven’t,” said Dave Aitel, a partner at Cordyceps Systems, a cybersecurity firm.

Experts analyzing intrusions engineered by NSO Group and QuaDream since last year believe that the two companies used very similar software exploits, known as ForcedEntry, to hijack iPhones.

An exploit is computer code designed to take advantage of a set of specific software vulnerabilities, giving a hacker unauthorized access to data.

Analysts believed the exploits of NSO and QuaDream were similar because they took advantage of several similar vulnerabilities hidden inside Apple’s instant messaging platform and used a comparable approach to install malicious software on targeted devices, according to three sources.

Bill Marczak, a security researcher at digital watchdog Citizen Lab who is studying both companies’ hacking tools, told Reuters that QuaDream’s zero-click capability seemed “on par” with NSO’s.

Reuters made repeated attempts to reach QuaDream for comment, sending messages to executives and business partners. A Reuters journalist visited QuaDream’s office in the Tel Aviv suburb of Ramat Gan last week, but no one answered the door. Israeli lawyer Vibeke Dank, whose email was listed on QuaDream’s corporate registration form, also did not return repeated messages.

An Apple spokesperson declined to comment on QuaDream or say what action they plan to take with respect to the company.

ForcedEntry is seen as “one of the most technologically sophisticated exploits” ever captured by security researchers.

The two versions of ForcedEntry were identical, according to two people familiar with the matter, in that when Apple fixed the underlying flaw in September 2021, it rendered both NSO’s and QuaDream’s spy software ineffective.

In a written statement, an NSO spokesperson said the company “did not cooperate” with QuaDream, but “the cyber intelligence industry is growing rapidly globally.”

Apple sued NSO Group over ForcedEntry in November, claiming that NSO violated Apple’s User Terms and Services Agreement. The matter is still in its initial stages.

In its lawsuit, Apple said it “sustained and successfully blocks a variety of hacking attempts.” NSO has denied any wrongdoing.

Spyware companies have long argued that they sell high-powered technology to help governments thwart national security threats. But human rights groups and journalists have repeatedly documented the use of spyware to attack civil society, undermine political opposition, and interfere with elections.

Apple notified thousands of ForcedEntry targets in November, prompting elected officials, journalists and human rights activists around the world to realize they were under surveillance.

For example, in Uganda, NSO’s ForcedEntry was used to spy on US diplomats, Reuters reported.

In addition to the Apple lawsuit, Meta’s WhatsApp is also suing NSO over alleged misuse of its platform. In November, NSO was placed on a trade blacklist by the US Department of Commerce over human rights concerns.

Unlike NSO, QuaDream has kept a low profile, despite serving a few similar government customers. According to a person familiar with the company, the company does not have a website to describe its business and employees have been asked to keep any reference to their employer off social media.

Governance

QuaDream was founded in 2016 by Ilan Dabelstein, a former Israeli military officer, and two former NSO employees, Guy Geva and Nimrod Reznik, according to two people familiar with Israeli corporate records and business. Reuters could not reach the three officials for comment.

Like NSO’s Pegasus spyware, QuaDream’s flagship product — called REIGN — can take control of a smartphone, extracting instant messages from services like WhatsApp, Telegram and Signal, along with emails, photos, texts and contacts, according to two product brochures from 2019 and 2020 that were reviewed by Reuters.

A brochure states that REIGN’s “premium collection” capabilities include “real-time call recording”, “camera activation – back and forth” and “microphone activation”.

Prices appeared to vary. According to the 2019 brochure, one QuaDream system, which would have given customers the ability to launch 50 smartphone break-ins per year, was being offered for $2.2 million exclusive of maintenance costs. Two people familiar with software sales said REIGN’s price was generally higher.

Over the years, QuaDream and NSO Group have hired some of the same engineering talent, according to three people familiar with the matter. Two of those sources said the companies did not cooperate on their iPhone hacks, each coming up with its own way to take advantage of the vulnerabilities.

Several of QuaDream’s buyers also overlap with NSO’s, four sources said, including Saudi Arabia and Mexico – both accused of misusing spy software to target political opponents.

One of QuaDream’s first customers was the government of Singapore, two sources said, and documentation reviewed by Reuters shows the company’s surveillance technology was also offered to the Indonesian government. Reuters could not determine whether Indonesia has become a customer.

Mexican, Singaporean, Indonesian and Saudi officials did not return messages seeking comment about QuaDream.