Microsoft and Citizen Lab have discovered a new commercial spyware that has been used to compromise iPhones belonging to high-risk individuals, including journalists, political opposition figures, and an NGO worker.
The spyware was created by an Israel-based company called QuaDream, which used a zero-click exploit named ENDOFDAYS to target iPhones running iOS 1.4 up to 14.4.2 between January 2021 and November 2021.
The attackers used backdated and “invisible iCloud calendar invitations” to target iPhones. When iCloud calendar invitations with backdated timestamps are received on iOS devices, they are automatically added to the user’s calendar without any notification or prompt, allowing the ENDOFDAYS exploit to run without user interaction and making the attacks undetectable by the targets.
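A triage heuristic for the delivery vector described above, as an added example that is not code from Citizen Lab, Microsoft, or Apple: it scans an exported `.ics` file for invitations whose event was already over when the invitation was stamped. The sample calendar is constructed, and treating `DTSTAMP` as the invitation time, the one-day slack, and skipping recurring events are assumptions of this sketch.

```python
from datetime import datetime, timedelta

# Constructed sample export: one ordinary invitation and one backdated one.
SAMPLE_ICS = """BEGIN:VCALENDAR
BEGIN:VEVENT
UID:constructed-1@example.invalid
DTSTAMP:20210301T090000Z
DTSTART:20210305T100000Z
ORGANIZER;CN=Colleague:mailto:colleague@example.invalid
END:VEVENT
BEGIN:VEVENT
UID:constructed-2@example.invalid
DTSTAMP:20210301T090500Z
DTSTART:20190101T100000Z
ORGANIZER:mailto:unknown@
 example.invalid
END:VEVENT
END:VCALENDAR
"""

def parse_events(text):
    """Unfold RFC 5545 continuation lines, then collect VEVENT properties."""
    text = text.replace("\r\n", "\n").replace("\n ", "").replace("\n\t", "")
    events, cur = [], None
    for line in text.splitlines():
        head, _, value = line.partition(":")
        name = head.split(";")[0].upper()   # drop parameters such as ;CN=
        if (name, value) == ("BEGIN", "VEVENT"):
            cur = {}
        elif (name, value) == ("END", "VEVENT") and cur is not None:
            events.append(cur)
            cur = None
        elif cur is not None:
            cur.setdefault(name, value)     # keep the first occurrence only
    return events

def parse_dt(value):
    fmt = "%Y%m%dT%H%M%S" if "T" in value else "%Y%m%d"
    return datetime.strptime(value.rstrip("Z"), fmt)  # time zones ignored

def backdated_invitations(text, slack=timedelta(days=1)):
    """Return UIDs of invitations whose event was over before DTSTAMP."""
    flagged = []
    for ev in parse_events(text):
        end = ev.get("DTEND") or ev.get("DTSTART")
        is_invite = "ORGANIZER" in ev and "DTSTAMP" in ev and "RRULE" not in ev
        if end and is_invite and parse_dt(end) + slack < parse_dt(ev["DTSTAMP"]):
            flagged.append(ev.get("UID", "<no UID>"))
    return flagged
```

A hit is only a lead for further review: late-sent meeting records produce the same pattern, and the spyware's self-cleaning may remove such entries.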
Citizen Lab researchers found that at least five civil society victims had their iPhones hacked by QuaDream’s spyware and exploits in North America, Central Asia, Southeast Asia, Europe, and the Middle East. The researchers did not disclose the identities of the victims.
The spyware deployed in this campaign, dubbed KingsPawn by Microsoft, was designed to delete itself and remove its traces from victims’ iPhones to evade detection. According to Citizen Lab’s analysis, the spyware comes with a wide range of features, including:
Citizen Lab found QuaDream servers in multiple countries, including Bulgaria, the Czech Republic, Hungary, Ghana, Israel, Mexico, Romania, Singapore, United Arab Emirates (UAE), and Uzbekistan.
The discovery of QuaDream’s commercial spyware is another reminder of the growing mercenary spyware industry and of the need for continued vigilance by researchers and potential targets alike. Without systemic government regulation, abuse of commercial spyware is likely to continue to grow, fueled both by companies with recognizable names and by others still operating in the shadows.