A Second Surveillance Firm Was Caught Hacking iPhones

Like NSO Group, QuaDream was installing spyware using zero-click vulnerability

In addition to NSO Group, a second surveillance firm was found to have been using the iPhone's zero-click exploit to spy on users.

According to Reuters, the QuaDream firm was similarly using the zero-click exploit to spy on its targets without the need to trick them into downloading or clicking on anything. Sources allege that QuaDream began using this ForcedEntry exploit in iMessage that was first discovered in September 2021. Apple was quick to patch the exploit within that same month.

Smartphone with security cameras

Jeffrey Coolidge / Getty Images

QuaDream's flagship spyware, dubbed REIGN, worked much like NSO Group's Pegasus spyware by installing itself on target devices without warning or need for user interaction. Once in place, it began gathering contact info, emails, messages from various messaging apps, and photos. According to a brochure acquired by Reuters, REIGN also offered call recording and camera/microphone activation.

QuaDream is suspected of using the same exploit as NSO Group because, according to sources, both spyware programs took advantage of similar vulnerabilities. They both also used a similar approach to installing malicious software, and Apple's patch managed to stop both of them in their tracks.

While the zero-click vulnerability in iMessage has been addressed, effectively cutting off both Pegasus and REIGN, it's not a permanent solution. As Reuters points out, smartphones are not (and will probably never be) completely secure from every conceivable form of attack.

Was this page helpful?