A win against “Zero-Click” infections designed to exfiltrate data from mobile devices

Israeli Spyware Vendor QuaDream to Shut Down Following Citizen Lab and Microsoft Exposé

It was a high-stakes game of cat and mouse between the tech giants and the shadowy world of cyber espionage this week as Microsoft exposed the QuaDream hacking toolset!

QuaDream specialises in hacking Apple devices using “zero-click” infections, which do not require any action on the part of the victim. According to Haaretz and The Jerusalem Post, the firm is undergoing significant downsizing and is said to have fired all its employees, and reports followed of a purported shutdown.

QuaDream’s framework, known as “REIGN”, is a suite of exploits, malware, and infrastructure designed to exfiltrate data from mobile devices. It has been outed as having been used against journalists, political opposition figures, and NGO workers across the world.

What are Apple doing about it?

Apple told The Hacker News last week that there was no indication to suggest that the exploit, codenamed ENDOFDAYS, had been put to use since the company released iOS 14.4.2 in March 2021. The exploit would deploy sophisticated surveillance-ware capable of surreptitiously gathering sensitive information, including audio, pictures, passwords, files, and locations.

ENDOFDAYS “appears to make use of invisible iCloud calendar invitations sent from the spyware’s operator to victims,” the researchers said, adding the .ics files contain invites to two backdated and overlapping events so as to not alert the users.
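The trait quoted above (one .ics carrying two backdated, overlapping events) can be turned into a simple triage heuristic for calendar attachments. The following is an added example, not code from Citizen Lab, Microsoft or Apple; the function names, the constructed sample invite and the `received_at` parameter are assumptions, and only UTC timestamps are handled. Legitimate calendars can also match, so a hit is a lead for review rather than a verdict.

```python
from datetime import datetime, timezone
from itertools import combinations

# Constructed sample invite (not from any real case): two events that are
# both in the past relative to the receipt time and overlap each other.
SAMPLE_ICS = """BEGIN:VCALENDAR
BEGIN:VEVENT
UID:constructed-1@example.invalid
DTSTART:20200101T100000Z
DTEND:20200101T110000Z
END:VEVENT
BEGIN:VEVENT
UID:constructed-2@example.invalid
DTSTART:20200101T103000Z
DTEND:20200101T113000Z
END:VEVENT
END:VCALENDAR
"""

def parse_events(ics_text):
    """Return [(uid, start, end)] for each VEVENT with UTC DTSTART and DTEND."""
    # RFC 5545 unfolding: a line starting with space or tab continues the previous one.
    text = ics_text.replace("\r\n", "\n").replace("\n ", "").replace("\n\t", "")
    events, current = [], None
    for line in text.split("\n"):
        if line == "BEGIN:VEVENT":
            current = {}
        elif line == "END:VEVENT" and current is not None:
            if {"DTSTART", "DTEND"} <= current.keys():
                events.append((current.get("UID", "?"), current["DTSTART"], current["DTEND"]))
            current = None
        elif current is not None and ":" in line:
            name, value = line.split(":", 1)
            name = name.split(";", 1)[0].upper()  # drop parameters such as TZID
            if name in ("DTSTART", "DTEND"):
                try:
                    current[name] = datetime.strptime(value, "%Y%m%dT%H%M%SZ").replace(tzinfo=timezone.utc)
                except ValueError:
                    pass  # local-time or date-only values are skipped here
            elif name == "UID":
                current[name] = value
    return events

def backdated_overlaps(ics_text, received_at):
    """UID pairs of events that ended before receipt and overlap in time."""
    past = [e for e in parse_events(ics_text) if e[2] < received_at]
    return [(a[0], b[0]) for a, b in combinations(past, 2) if a[1] < b[2] and b[1] < a[2]]
```

Pass the message or sync timestamp as `received_at`; an invite whose events all lie in the future returns an empty list.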

Apple also addressed a vulnerability in iMessage in September 2021.

Apple have released a new update this week, iOS 16.4.1, and it’s highly recommended that you bring your devices up to date.

This is not the first time QuaDream has attracted attention. In December 2022, Meta disclosed that it took down a network of 250 fake accounts on Facebook and Instagram that were controlled by QuaDream to infect Android and iOS devices and exfiltrate personal data – an operation that spanned roughly 70 countries across 42 languages. 

The shutdown of QuaDream, a notorious Israeli spyware vendor, is a significant development in the fight against cyber espionage. However, that fight is far from over, and it is essential to remain vigilant and keep up with the latest updates to stay protected.

Bondi Platform can help individuals and organisations protect their digital assets and mitigate the risk of cyber-attacks. The platform offers comprehensive security solutions, including real-time threat detection, incident response, and vulnerability management. Bondi Platform also provides proactive security assessment and management to help businesses identify and address potential security threats before they can be exploited. With Bondi Platform, users can rest assured that their devices and digital assets are protected against cyber threats.

