The iPhone flaw exploited by an Israeli company NSO’s spyware “Pegasus” was simultaneously abused by a competing Israeli company, QuaDream in 2021. Reuters reports that QuaDream is a smaller and low profile Israeli firm which also developed zero-day spyware to hack smartphones for government clients.
NSO’s Pegasus spyware hacked iPhones and Android smartphones via zero-click attacks which do not require any action from the victim to access data. Similarly, QuaDream’s spyware also used the “zero-click” exploits to hack smartphones.
Use of zero-day exploits by another spyware firm reveals that iPhones and Android smartphones are not as secure as we believe
QuaDream was founded by a former Israeli military official, Ilan Dabelstein, and two former NSO employees, Guy Geva and Nimrod Reznik, in 2016. The firm’s spyware REIGN executes the zero-day attacks to gain control of the targets’ smartphones, access their instant messages, emails, contacts, texts, and photos. In addition, premium collection capabilities included access to victims’ call recordings in real-time, camera, and microphone.
According to the report, NSO and QuaDream acquired the same zero-click software exploits known as “ForcedEntry” to break into iPhones and Android devices in 2021. The existence of another firm with sophisticated spyware reveals that smartphones are more vulnerable to cyber attacks than the tech companies would want consumers to believe.
The two rival businesses gained the same ability last year to remotely break into iPhones, according to the five sources, meaning that both firms could compromise Apple phones without an owner needing to open a malicious link. That two firms employed the same sophisticated hacking technique – known as a “zero-click” – shows that phones are more vulnerable to powerful digital spying tools than the industry will admit, one expert said.
“People want to believe they’re secure, and phone companies want you to believe they’re secure. What we’ve learned is, they’re not,” said Dave Aitel, a partner at Cordyceps Systems, a cybersecurity firm.
Although NSO is declared a national security risk by the U.S. Commerce Department’s Bureau of Industry and Security (BIS) and Apple has sued the company, the discovery of more spyware developers shows that NSO is one of many cyber intelligence companies with sophisticated hacking tools. The report states:
So similar were the two versions of ForcedEntry that when Apple fixed the underlying flaws in September 2021 it rendered both NSO and QuaDream’s spy software ineffective, according to two people familiar with the matter.
In a written statement, an NSO spokeswoman said the company “did not cooperate” with QuaDream but that “the cyber intelligence industry continues to grow rapidly globally.”
In November 2021, The Citizen Lab reported on Predator by Cytrox, another spyware to breach iPhones. In 2021, Predator and Pegasus were used to hack the iPhones of two Egyptians living in exile.