Following a report on its activities, the Israeli spyware company QuaDream has shut down.
This was QuadDream:
Key Findings
Based on an analysis of samples shared with us by Microsoft Threat Intelligence, we developed indicators that enabled us to identify at least five civil society victims of QuaDream’s spyware and exploits in North America, Central Asia, Southeast Asia, Europe, and the Middle East. Victims include journalists, political opposition figures, and an NGO worker. We are not naming the victims at this time.
We also identify traces of a suspected iOS 14 zero-click exploit used to deploy QuaDream’s spyware. The exploit was deployed as a zero-day against iOS versions 14.4 and 14.4.2, and possibly other versions. The suspected exploit, which we call ENDOFDAYS, appears to make use of invisible iCloud calendar invitations sent from the spyware’s operator to victims.
We performed Internet scanning to identify QuaDream servers, and in some cases were able to identify operator locations for QuaDream systems. We detected systems operated from Bulgaria, Czech Republic, Hungary, Ghana, Israel, Mexico, Romania, Singapore, United Arab Emirates (UAE), and Uzbekistan.
I don’t know if they sold off their products before closing down. One presumes that they did, or will.
More Stories
White House to Tackle AI-Generated Sexual Abuse Images
White House issues new voluntary commitments to combat image-based sexual abuse in AI Read More
Legacy Ivanti Cloud Service Appliance Being Exploited
CISA wants everyone—and government agencies in particular—to remove or upgrade an Ivanti Cloud Service Appliance (CSA) that is no longer...
Half of UK Firms Lack Basic Cybersecurity Skills
A new government report reveals that nearly half of UK businesses lack basic cybersecurity skills, while advanced skills like penetration...
Advanced Phishing Attacks Put X Accounts at Risk
SIM swapping and “adversary-in-the-middle” can bypass security for accounts on X (formerly Twitter) Read More
Apple to Drop Spyware Lawsuit Over Security Concerns
Apple filed a motion to drop its lawsuit against NSO Group, fears key elements of its cyber defensive measures could...
Tackling the Unique Cybersecurity Challenges of Online Learning Platforms
The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of...