A zero-click exploit for the iPhone similar to the one used by the spyware 'Pegasus' was also used by another Israeli company



It is known that the spyware 'Pegasus', developed by Israeli security company NSO Group, was used to monitor VIPs and journalists around the world. It has been reported that an exploit using the same vulnerability as 'FORCEDENTRY', the zero-click iPhone exploit used by Pegasus, was also used in the spyware of Israeli company 'QuaDream', a competitor of NSO Group.

EXCLUSIVE iPhone defect exploited by second Israeli spy firm-sources | Reuters
https://www.reuters.com/technology/exclusive-iphone-flaw-exploited-by-second-israeli-spy-firm-sources-2022-02-03/

Second Israeli firm developed & sold exploit to break into iPhones remotely | AppleInsider
https://appleinsider.com/articles/22/02/03/second-israeli-firm-developed-sold-exploit-to-break-into-iphones-remotely

Pegasus is spyware developed by NSO Group that was used to monitor more than 180 journalists in 20 countries, as well as 10 prime ministers, 3 presidents, and 1 king. The zero-click exploit used by Pegasus, called FORCEDENTRY, allows a device to be compromised simply by sending a message to the target iPhone via iMessage and having the GIF image attached to the message displayed.

Project Zero, Google's zero-day vulnerability discovery team, described FORCEDENTRY as 'the most technically sophisticated exploit.' You can find out how FORCEDENTRY works by reading the following article.

Google's Project Zero points out that the zero-click exploit for iPhone used in Pegasus, a spyware used for VIP monitoring, is 'the most technically sophisticated exploit'-GIGAZINE



With Pegasus getting a lot of attention, Reuters reported that QuaDream, an Israeli security company and NSO Group competitor, was also developing and selling spyware that exploited the same vulnerabilities as FORCEDENTRY. QuaDream sells smartphone hacking tools to government customers, but it is less well known than NSO Group and does not have a website to promote its business.

Bill Marczak, a security researcher at Citizen Lab, an interdisciplinary research institute at the University of Toronto, analyzed the hacking tools of both companies and told Reuters that the zero-click exploit used by QuaDream appears to be 'equivalent' to that of NSO Group. According to a person familiar with the matter, Apple fixed the underlying flaw behind FORCEDENTRY in September 2021, and both the NSO Group and QuaDream spyware stopped working.

According to a source familiar with Israeli corporate records and the business, QuaDream was founded in 2016 by Ilan Dabelstein, formerly of the Israeli military, and by Guy Geva and Nimrod Reznik, both former NSO Group employees. 'REIGN', the flagship spyware sold by QuaDream, is said to take control of smartphones and steal data such as messages, photos, and contacts, including from apps such as WhatsApp, Telegram, and Signal.

In addition, REIGN's 'Premium Collection Function' is reported to include real-time call recording, camera activation, microphone activation, and more. According to a 2019 brochure, QuaDream charged $2.2 million (about 250 million yen), excluding maintenance costs, for the ability to break into 50 smartphones a year, which appears to be more expensive than the typical market price.



QuaDream and NSO Group are said to have overlapping customers, but the person who provided information to Reuters said that QuaDream and NSO Group arrived at similar zero-click exploits independently. A spokeswoman for NSO Group also said in a statement to Reuters that it had no partnership with QuaDream.

In November 2021, the United States Bureau of Industry and Security (BIS) added NSO Group to its blacklist, and Apple also sued NSO Group, seeking a 'permanent injunction' banning it from using Apple devices, software, and services.

Apple sues NSO Group, developer of 'Pegasus' used to monitor dignitaries and journalists-GIGAZINE



Reuters asked Apple for comment on QuaDream and on whether it plans to file a lawsuit, but a spokesperson declined to respond.

in Mobile, Software, Security, Posted by log1h_ik