Failing Israeli-based Cybersecurity company QuaDream has been accused of making and distributing illegal spyware, according to researchers from Citizen Lab and Microsoft. In fact, Microsoft has “high confidence” that the spyware it found was “strongly linked to QuaDream.”
The Reign Malware infected vulnerable iOS 14 devices as far back as 2021. While it’s only been found targeting iOS 14 devices, some information indicated that it may be able to affect select Android devices. The hacking tools have been used against opposition figures, journalists, and advocacy groups around the world, appearing in at least 10 countries across Europe and North America.
After the malware is deployed onto a target’s phone through a malicious iCloud invitation, the attacks can listen to and record phone calls, track a victim’s location, take pictures, and relay all the information back to their control center.
Previously, the same company had been responsible for selling a “zero-click” hacking tool that Reuters reported on in 2022 — it isn’t the first time QuaDream has faced allegations of selling hacking tools. The company is a lesser-known competitor to another Israeli tech company selling spyware, The NSO Group. After the research was revealed, however, the company has become largely defunct.
“The company hasn’t been fully active for a while, and it is believed that there are only two employees left in its offices whose job it is to look after the computers and other equipment,” says the report. Previous employees are also being called in for hearings. “At the same time, the board of directors is trying to sell the company’s intellectual property.”
Microsoft Associate General Counsel Amy Hogan-Burney said that companies like QuaDrive “thrive in the shadows.” He added that exposing shady tech companies is vital to prevent them from fooling customers again and to stop other would-be cyber criminals from attempting to sell illegal tools.