Israeli Hacking Spyware In Widespread Use

Uploaded on 2023-04-24 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

An Israeli firm's hacking tools have been used against journalists, opposition figures and advocacy organisations across at least 10 countries, according to new research published by Microsoft .

The new Israeli-made spyware which resembles the notorious Pegasus malware program has been used to target journalists and opposition politicians in several countries. Pegasus is developed and sold by the Israeli spyware company NSO Group.

Confirming Microsoft's report, researchers at Toronto University's Citizen Lab have identified a number of individual victims whose iPhones had been hacked using surveillance software developed by QuaDream, another Israeli company, 

Quadream is a surveillance technology company founded in 2014 by a group including two former NSO Group employees and is a competitor to the Israeli spyware company NSO Group, which has been blacklisted by the US government over allegations of abuse. 

Once placed on a user's phone or computer, QuaDream's spyware can record audio from a phone call, record external sounds from a device's microphone, take pictures from cameras, and search the device's files, all without the user's knowledge.

In their report on surveillance malware, Microsoft said it believed with "high confidence" that the spyware was "strongly linked to QuaDream." In a statement, Microsoft Associate General Counsel Amy Hogan-Burney said that mercenary hacking groups like QuaDream "thrive in the shadows" and that publicly outing them was "essential to stopping this activity."

These reports have appeared following a US crackdown on the international spyware industry. The White House recently announced an Executive Order intended to stop the purchase of surveillance software by US agencies if the programs are also being used by repressive governments abroad.

According to the Presidential Executive Order, the US government has a national security interest in ensuring that technology is developed, deployed, and governed in accordance with the rule of law and appropriate legal authoristion and safeguards "... mitigating, to the greatest extent possible, the risk emerging technologies may pose to United States Government institutions, personnel, information, and information systems...”

According to Citizen Lab, QuaDream has already marketed its spyware and services to government clients including Singapore, Saudi Arabia, Mexico, Ghana, Indonesia and Morocco. Attempts by reporters to contact QuaDream for comment, including a visit to the company’s office near Tel Aviv, have been unsuccessful.

Citizen Lab:     Microsoft:     Reuters:      White House:    Malaysia Now:   Silicon

You Might Also Read: 

Technology Is Disrupting Intelligence & Espionage:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Alibaba Plans An Artificial Intelligence Rival To ChatGPT
Soft Cell Hackers Have New Targets »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Attivo Networks

Attivo Networks

Attivo Networks is an award winning provider of deception for in-network threat detection, attack forensic analysis, and continuous threat response.

mnemonic

mnemonic

mnemonic helps businesses manage their security risks, protect their data and defend against cyber threats.

Telspace Africa

Telspace Africa

Telspace Africa provide the highest level of IT security solutions including advisory, penetration testing, vulnerability assessments, red teaming, social engineering and training.

Payatu

Payatu

Payatu Technologies is a security testing and services company specialized in Software, Application and Infrastructure security assessments and deep technical security training.

Arsenal Recon

Arsenal Recon

Arsenal Recon are digital forensics experts, providing consultancy services and powerful software tools to improve the analysis of electronic evidence.

Wüpper Management Consulting (WMC)

Wüpper Management Consulting (WMC)

Specialized in compliance, risk management and holistic information security WMC GmbH has longtime implementation experience in global projects.

Fortanix

Fortanix

Fortanix Runtime Encryption keeps keys, data, and applications completely protected from external and internal threats.

Hysolate

Hysolate

Hysolate has transformed the endpoint, making it the secure and productive environment it was meant to be.

Invest Ottawa

Invest Ottawa

The IO Accelerator Program is designed to rapidly and systematically accelerate the development and commercial success of high growth technology firms.

Beyond Identity

Beyond Identity

Beyond Identity employs an elegantly simple concept, the personal certificate authority and self signed certificates, to replace passwords.

TierPoint

TierPoint

TierPoint delivers secure, reliable, and connected infrastructure solutions at the internet’s edge. We meet you where you are in your journey to solve for data storage, compute, and recovery.

Towerwall

Towerwall

Towerwall offers a comprehensive suite of security services and solutions using best-of-breed tools and information security services.

AaDya

AaDya

AaDya provide smart, simple, affordable and effective cybersecurity software solutions for small and medium businesses.

Ultra Intelligence & Communications (Ultra I&C)

Ultra Intelligence & Communications (Ultra I&C)

Ultra Intelligence & Communications provides critical, tactical capabilities that inform decision making in the most challenging environments.

MDSec

MDSec

MDSec is a consultancy with a passion for information security. Our consultants specialise in application, mobile and hardware security and targeted red team attacks.

Cylab - Carnegie Mellon University

Cylab - Carnegie Mellon University

Carnegie Mellon University CyLab is the University's security and privacy research institute.