Israeli Hacking Spyware In Widespread Use

An Israeli firm's hacking tools have been used against journalists, opposition figures and advocacy organisations across at least 10 countries, according to new research published by Microsoft .

The new Israeli-made spyware which resembles the notorious Pegasus malware program has been used to target journalists and opposition politicians in several countries. Pegasus is developed and sold by the Israeli spyware company NSO Group.

Confirming Microsoft's report, researchers at Toronto University's Citizen Lab have identified a number of individual victims whose iPhones had been hacked using surveillance software developed by QuaDream, another Israeli company, 

Quadream is a surveillance technology company founded in 2014 by a group including two former NSO Group employees and is a competitor to the Israeli spyware company NSO Group, which has been blacklisted by the US government over allegations of abuse. 

Once placed on a user's phone or computer, QuaDream's spyware can record audio from a phone call, record external sounds from a device's microphone, take pictures from cameras, and search the device's files, all without the user's knowledge.

In their report on surveillance malware, Microsoft said it believed with "high confidence" that the spyware was "strongly linked to QuaDream." In a statement, Microsoft Associate General Counsel Amy Hogan-Burney said that mercenary hacking groups like QuaDream "thrive in the shadows" and that publicly outing them was "essential to stopping this activity."

These reports have appeared following a US crackdown on the international spyware industry. The White House recently announced an Executive Order intended to stop the purchase of surveillance software by US agencies if the programs are also being used by repressive governments abroad.

According to the Presidential Executive Order, the US government has a national security interest in ensuring that technology is developed, deployed, and governed in accordance with the rule of law and appropriate legal authoristion and safeguards "... mitigating, to the greatest extent possible, the risk emerging technologies may pose to United States Government institutions, personnel, information, and information systems...”

According to Citizen Lab, QuaDream has already marketed its spyware and services to government clients including Singapore, Saudi Arabia, Mexico, Ghana, Indonesia and Morocco. Attempts by reporters to contact QuaDream for comment, including a visit to the company’s office near Tel Aviv, have been unsuccessful.

Citizen Lab:     Microsoft:     Reuters:      White House:    Malaysia Now:   Silicon

You Might Also Read: 

Technology Is Disrupting Intelligence & Espionage:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Alibaba Plans An Artificial Intelligence Rival To ChatGPT
Soft Cell Hackers Have New Targets »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

AvePoint

AvePoint

AvePoint is an established leader in enterprise-class data management, governance, and compliance software solutions.

ID-SIRTII/CC

ID-SIRTII/CC

Security Incident Response Team for Internet Infrastructure in Indonesia.

Cyber Security For Critical Assets (CS4CA)

Cyber Security For Critical Assets (CS4CA)

Cyber Security For Critical Assets is a global series of summits focusing on cyber security for critical infrastructure.

RISE

RISE

RISE is an independent, State-owned research institute, which offers unique expertise and over 100 testbeds and demonstration environments for future-proof technologies, products and services.

Meterian

Meterian

The Meterian Platform is a fuss-free solution to protect you against vulnerabilities in your app’s software supply chain.

Thoma Bravo

Thoma Bravo

Thoma Bravo is a leading private equity firm with a 40+ year history and a focus on investing in software and technology companies.

Seadot Cybersecurity

Seadot Cybersecurity

Seadot offer cybersecurity services to organizations with a high demand for regulatory compliance and security.

Nexon Asia Pacific

Nexon Asia Pacific

Nexon solutions include cloud infrastructure and services, unified communications, managed security services, business continuity, secured high-performance network and business applications.

Amnesty Tech

Amnesty Tech

Amnesty Tech's Security Lab leads technical investigations into cyber-attacks against civil society and provides critical support when individuals face such attacks.

Alkira

Alkira

Alkira has reinvented networking for the cloud era by delivering the network cloud, the first global unified network infrastructure with on-demand hybrid and multi-cloud connectivity.

Moss Adams

Moss Adams

Moss Adams is a fully integrated professional services firm dedicated to assisting clients with growing, managing, and protecting prosperity.

InfoSec4TC

InfoSec4TC

InfoSec4tc is an online Information Security Courses, Training, and Consultancy provider.

RSK Cyber Security

RSK Cyber Security

RSK Cyber Security are a leading cyber security services company that uses services, consulting, and product knowledge to lower security risk across the board.

Wired Assurance

Wired Assurance

Wired Assurance is a testing and assurance company, specialized in software applications and blockchain smart contracts.

PayPal Ventures

PayPal Ventures

PayPal Ventures invests in companies at the forefront of innovation in fintech, payments, commerce enablement, artificial intelligence, blockchain and cryptocurrency, regulatory and cyber technology.

eGeneration

eGeneration

eGeneration is one of the leading technology solutions and system integration companies in Bangladesh.