Israeli spyware firm QuaDream linked to hacks on journalists and politicians
An Israeli-made spyware resembling the controversial Pegasus programme has been used to target journalists and opposition politicians in at least ten countries around the world, researchers have found.
The little-known Israeli vendor named QuaDream, which markets spyware under the name "Reign", was established by a former Israeli military official and veterans of the NSO Group, the creator of Pegasus, cybersecurity researchers from Citizen Lab at the University of Toronto said on Tuesday.
According to the researchers, QuaDream prefers to keep a low profile and has largely avoided the limelight, in contrast with its competitor, Israel's NSO Group.
Unlike the NSO Group, which was blacklisted by the US in 2021 for its ties to illegal surveillance programmes, QuaDream has escaped scrutiny, until now.
Reign’s "Premium Collection" capabilities included "real-time call recordings, camera activation - front and back," and "microphone activation," according to a company brochure uncovered by Citizen Lab.
Stay informed with MEE's newsletters
Sign up to get the latest alerts, insights and analysis, starting with Turkey Unpacked
QuaDream has sold its products to a range of government clients including the United Arab Emirates, Saudi Arabia, Mexico, and Ghana, and has pitched its services to Indonesia and Morocco.
As part of its strategy to avoid the pitfalls that the NSO Group faced, QuaDream operates with a minimal public presence, meaning no website, no media coverage, and no social media presence.
The attacks launched by QuaDream compromised phones running iOS 14, a state-of-the-art iPhone operating system, between 2020 and 2021.
The attacks were connected to calendar invitations and worked without user interaction, which is considered as a "zero click" attack.
"The firm has common roots with NSO Group, as well as other companies in the Israeli commercial spyware industry, and the Israeli government's own intelligence agencies," Citizen Lab said.
Last year Reuters reported that NSO and Reign at one point both exploited the same iOS bug to hack into devices.
Mounting legal woes
Israel has faced repeated criticism and diplomatic pressure over spyware and other cyber weapons being developed in the country.
Last month, the White House said that Pegasus has been used by governments "to facilitate repression and enable human rights abuses".
In December 2022, a prominent Bahraini activist and blogger, the UK-based dissident Yusuf al-Jamri, started legal action against the NSO Group over allegations that his phone was hacked with Pegasus.
Four other UK-based Arab dissidents have also taken legal action this year against the NSO Group, Saudi Arabia and the UAE over allegations that they were targeted with Pegasus.
The Pegasus software has been used by governments, including Morocco, Saudi Arabia, and the UAE, to illegally access the phone data of activists and journalists worldwide.
In 2021, Amnesty International obtained a leaked database of 50,000 phone numbers selected by NSO Group clients. The reporting revealed the widespread and international use of spyware to target politicians, activists and journalists.
The US Supreme Court in January allowed Meta Platforms Inc's WhatsApp to pursue a lawsuit against NSO Group for exploiting a bug in the messaging app that installed spy software, enabling the surveillance of hundreds of people, including journalists, human rights activists, and dissidents.
WhatsApp - owned by Meta (formerly Facebook) - filed its lawsuit against the NSO Group in 2019, accusing the company of allegedly targeting its servers in California with malware to gain unauthorised access to approximately 1,400 mobile devices in violation of US state and federal law.
Last year, the Biden administration placed the NSO Group on an "Entity List" of companies considered to be engaged in activities contrary to US foreign policy and national security. The administration accused it of enabling "transnational repression" with its spyware.
NSO also faces a lawsuit from Apple, which claims the spyware maker violated US laws by breaking into the software installed on its iPhones.
Middle East Eye delivers independent and unrivalled coverage and analysis of the Middle East, North Africa and beyond. To learn more about republishing this content and the associated fees, please fill out this form. More about MEE can be found here.
