Forwarded from Pegasus NSO & other spyware
Sweet QuaDreams: A First Look at Spyware Vendor QuaDream's Exploits, Victims, and Customers - The Citizen Lab - 2023
#Quadream #spyware #ENDOFDAYS #Ios #Calendar #Icloud
Based on an analysis of samples shared with us by Microsoft Threat Intelligence, we developed indicators that enabled us to identify at least five civil society victims of QuaDream's spyware and exploits in North America, Central Asia, Southeast Asia, Europe, and the Middle East. Victims include journalists, political opposition figures, and an NGO worker. We are not naming the victims at this time.
We also identify traces of a suspected iOS 14 zero-click exploit used to deploy QuaDream's spyware.
The exploit was deployed as a zero-day against iOS versions 14.4 and 14.4.2, and possibly other versions. The suspected exploit, which we call ENDOFDAYS, appears to make use of invisible iCloud calendar invitations sent from the spyware's operator to victims.
Forwarded from Pegasus NSO & other spyware
The growth of commercial spyware based intelligence providers without legal or ethical supervision - Talos - July 2023
#Quadream #VaristonIT #DSIRF #Intellexa #NSO
Attackers have long used commercial products developed by legitimate companies to compromise targeted devices. These products are known as commercial spyware. Commercial spyware operations mainly target mobile platforms with zero- or one-click zero-day exploits to deliver spyware. This threat initially came to light with the leaks of HackingTeam back in 2015, but gained new notoriety with public reporting on the NSO Group, and, in the years that have followed, the landscape has exploded.
There are now numerous companies with similar offerings, like Intellexa, DSIRF, Variston IT, and the newly disclosed Quadream representing just a small subset; there are likely more that are operating covertly today.