Israeli Hacking Spyware In Widespread Use

Uploaded on 2023-04-24 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

An Israeli firm's hacking tools have been used against journalists, opposition figures and advocacy organisations across at least 10 countries, according to new research published by Microsoft .

The new Israeli-made spyware which resembles the notorious Pegasus malware program has been used to target journalists and opposition politicians in several countries. Pegasus is developed and sold by the Israeli spyware company NSO Group.

Confirming Microsoft's report, researchers at Toronto University's Citizen Lab have identified a number of individual victims whose iPhones had been hacked using surveillance software developed by QuaDream, another Israeli company, 

Quadream is a surveillance technology company founded in 2014 by a group including two former NSO Group employees and is a competitor to the Israeli spyware company NSO Group, which has been blacklisted by the US government over allegations of abuse. 

Once placed on a user's phone or computer, QuaDream's spyware can record audio from a phone call, record external sounds from a device's microphone, take pictures from cameras, and search the device's files, all without the user's knowledge.

In their report on surveillance malware, Microsoft said it believed with "high confidence" that the spyware was "strongly linked to QuaDream." In a statement, Microsoft Associate General Counsel Amy Hogan-Burney said that mercenary hacking groups like QuaDream "thrive in the shadows" and that publicly outing them was "essential to stopping this activity."

These reports have appeared following a US crackdown on the international spyware industry. The White House recently announced an Executive Order intended to stop the purchase of surveillance software by US agencies if the programs are also being used by repressive governments abroad.

According to the Presidential Executive Order, the US government has a national security interest in ensuring that technology is developed, deployed, and governed in accordance with the rule of law and appropriate legal authoristion and safeguards "... mitigating, to the greatest extent possible, the risk emerging technologies may pose to United States Government institutions, personnel, information, and information systems...”

According to Citizen Lab, QuaDream has already marketed its spyware and services to government clients including Singapore, Saudi Arabia, Mexico, Ghana, Indonesia and Morocco. Attempts by reporters to contact QuaDream for comment, including a visit to the company’s office near Tel Aviv, have been unsuccessful.

Citizen Lab:     Microsoft:     Reuters:      White House:    Malaysia Now:   Silicon

You Might Also Read: 

Technology Is Disrupting Intelligence & Espionage:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Alibaba Plans An Artificial Intelligence Rival To ChatGPT
Soft Cell Hackers Have New Targets »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Versasec

Versasec

Versasec is a leader in identity and access management, providing customers with security solutions for managing digital identities.

Trapezoid

Trapezoid

Trapezoid is a cybersecurity company developing Firmware Integrity Management solutions designed to detect unauthorized changes to firmware & BIOS across the entire data center infrastructure.

National Cyber and Information Security Agency (NUKIB) - Czech Republic

National Cyber and Information Security Agency (NUKIB) - Czech Republic

NUKIB is the central Czech government body for cyber security, the protection of classified information in the area of information and communication systems and cryptographic protection.

Gemserv

Gemserv

Gemserv is a specialist market design, governance and assurance services consultancy.

Ekran System

Ekran System

Ekran System is an advanced insider threat detection solution for companies of any size.

Secure Soft

Secure Soft

Secure Soft are experts in Computer and Information Security with a presence in Peru, Colombia and Ecuador.

Purple Security

Purple Security

Purple Security arises from the association of specialists in offensive security (ethical hackers, white hats) and experts in insurance, compliance and implementation of industry standards.

Newtech Recycyling

Newtech Recycyling

Newtech Recycyling specializes in the removal and disposal of IT infrastructure which has reached the end of its life cycle.

Uptycs

Uptycs

Uptycs combines the open source universal agent, osquery, with a scalable security analytics platform for fleet visibility, intrusion detection, vulnerability monitoring and compliance.

CyberSafe

CyberSafe

CyberSafe is a Portuguese company with a focus on cybersecurity solutions and services including network security, managed security, incident response and forensic analysis.

Rayzone Group

Rayzone Group

Rayzone Group offers a wide range of Cyber Security solutions and services, providing hollistic protection suitable for both enterprises and National cyber security centers.

Slamm Technologies

Slamm Technologies

Slamm Technologies is a trusted IT firm that offers Cyber Security Support, Corporate IT Solutions and Professional IT Training courses with international certification.

Cyberplc

Cyberplc

Cyberplc is a global cybersecurity consulting firm providing services to government, the public sector and enterprises.

Olympix

Olympix

Dev-first Web3 security that starts at the source. Olympix is a pioneering DevSecOps tool that puts security in the hands of the developer by proactively securing code from day one.

TeKnowledge

TeKnowledge

TeKnowledge enables governments and enterprises around the world to navigate the challenges with digital transformation today and tomorrow with elite cybersecurity protection and managed services.

Waterleaf International

Waterleaf International

Waterleaf provide advanced network and cybersecurity solutions - informed by data sciences. Transforming Connectivity, Security and Information for Municipalities, Government & Enterprise.