We have already seen how worrying the iOS vulnerability was and allowed the NSO group to use its Pegasus malware for espionage purposes, which even had repercussions for Spanish politics. And if you wanted broth… now Reuters has uncovered another company that has taken advantage of this same vulnerability to spy on members of governments.
This company is called QuaDream, it was founded by an ex-Israeli soldier in 2016 and as our colleagues from Xataka comment, its objective is the same government espionage as NSO Group. Their weapon to take advantage of the ForcedEntry vulnerability was REIGN, and with it they sought to safeguard the victim’s iPhone communications.
One video call was enough to turn politicians into victims
REIGN was able to save emails and messages from Telegram, WhatsApp or Signal, among others. Moreover, iPhone contacts, photos or SMS messages could also be copied; and for an additional payment, they could record phone calls or activate the camera and microphone to record the victim in real time. According to Reuters, the REIGN fee was $2.2 million to be able to attack 50 mobiles per year.
The source provides a list of countries that have allegedly paid for QuaDream’s services, including Mexico, Saudi Arabia, Indonesia or Singapore. Some of these countries were also among NSO Group’s customers.
The ForcedEntry vulnerability exploited by both Pegasus and REIGN (which used video calling to inject malicious code into iPhones) has been patched for some time, but the appearance of this new company only compounds the problem. government espionage, commissioned by other governments, and at the hands of private companies. No matter how hard you try, iOS will never be perfect, and it’s clear that there are parties interested in taking advantage of any security flaws that are discovered.
Moral? Let’s update our iPhones as soon as possible.
Picture | picjumbo