Israeli Hacking Spyware In Widespread Use

Uploaded on 2023-04-24 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

An Israeli firm's hacking tools have been used against journalists, opposition figures and advocacy organisations across at least 10 countries, according to new research published by Microsoft .

The new Israeli-made spyware which resembles the notorious Pegasus malware program has been used to target journalists and opposition politicians in several countries. Pegasus is developed and sold by the Israeli spyware company NSO Group.

Confirming Microsoft's report, researchers at Toronto University's Citizen Lab have identified a number of individual victims whose iPhones had been hacked using surveillance software developed by QuaDream, another Israeli company, 

Quadream is a surveillance technology company founded in 2014 by a group including two former NSO Group employees and is a competitor to the Israeli spyware company NSO Group, which has been blacklisted by the US government over allegations of abuse. 

Once placed on a user's phone or computer, QuaDream's spyware can record audio from a phone call, record external sounds from a device's microphone, take pictures from cameras, and search the device's files, all without the user's knowledge.

In their report on surveillance malware, Microsoft said it believed with "high confidence" that the spyware was "strongly linked to QuaDream." In a statement, Microsoft Associate General Counsel Amy Hogan-Burney said that mercenary hacking groups like QuaDream "thrive in the shadows" and that publicly outing them was "essential to stopping this activity."

These reports have appeared following a US crackdown on the international spyware industry. The White House recently announced an Executive Order intended to stop the purchase of surveillance software by US agencies if the programs are also being used by repressive governments abroad.

According to the Presidential Executive Order, the US government has a national security interest in ensuring that technology is developed, deployed, and governed in accordance with the rule of law and appropriate legal authoristion and safeguards "... mitigating, to the greatest extent possible, the risk emerging technologies may pose to United States Government institutions, personnel, information, and information systems...”

According to Citizen Lab, QuaDream has already marketed its spyware and services to government clients including Singapore, Saudi Arabia, Mexico, Ghana, Indonesia and Morocco. Attempts by reporters to contact QuaDream for comment, including a visit to the company’s office near Tel Aviv, have been unsuccessful.

Citizen Lab:     Microsoft:     Reuters:      White House:    Malaysia Now:   Silicon

You Might Also Read: 

Technology Is Disrupting Intelligence & Espionage:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Alibaba Plans An Artificial Intelligence Rival To ChatGPT
Soft Cell Hackers Have New Targets »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ClearedJobs.Net

ClearedJobs.Net

ClearedJobs.Net is a career site and job fair company for professionals seeking careers in the defense, intelligence and cyber security communities.

Crossmatch

Crossmatch

Crossmatch is a world leader in risk-based composite authentication and biometric identity management.

Codified Security

Codified Security

Codified is a testing platform for mobile application software. We make it easier than ever for companies to detect and fix security vulnerabilities and ensure their applications are compliant.

Arsenal Recon

Arsenal Recon

Arsenal Recon are digital forensics experts, providing consultancy services and powerful software tools to improve the analysis of electronic evidence.

Commonwealth Cybercrime Initiative (CCI)

Commonwealth Cybercrime Initiative (CCI)

The CCI unites 35 international organisations contributing to multidisciplinary programmes in Commonwealth countries. These organisations form the CCI Consortium.

CSIRT Italia

CSIRT Italia

CSIRT Italia is the national Computer Security Incident Response Team for Italy.

ISMS Accreditation Center (ISMS-AC)

ISMS Accreditation Center (ISMS-AC)

ISMS-AC is the national accreditation body for Japan. The directory of members provides details of organisations offering certification services for ISO 27001.

CloudBolt Software

CloudBolt Software

CloudBolt provide solutions for your toughest cloud challenges. From automation, to cost and security, and hybrid IT governance — we have you covered.

C3i Hub

C3i Hub

C3i Hub aims to address the issue of cyber security of cyber physical systems in its entirety, from analysing security vulnerabilities to developing tools and technologies.

Redbot Security

Redbot Security

Redbot Security provides industry leading manual penetration testing. Protecting critical systems and data - red team attack and breach simulations, (OT) critical infrastructure testing.

Open Web Application Security Project (OWASP)

Open Web Application Security Project (OWASP)

The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software.

CodeLock

CodeLock

Codelock is a patent-pending solution that continuously provides software security at the code level, while providing advanced management insights with performance metrics and data analytics.

Kubus Hitam

Kubus Hitam

Kubus Hitam are a research-based company focused on cyber security. we strongly believe that innovation and safety are the two keywords for the future business market.

Rampart AI

Rampart AI

Tackling DevSecOps Issues In Application Security. Rampart has revolutionized the shift left security approach, applying zero-trust to application development.

Options Technology

Options Technology

Options is a global leader in financial technology, specialising in Capital Markets technology and enterprise-grade solutions.

Algoritha

Algoritha

Algoritha is a pioneering entity in the realm of security and forensic services.