Last Updated on 05/02/2022 by Nidhi Khandelwal
A now-patched security weakness in Apple iOS was used by a different surveillance firm dubbed QuaDream to hack into the company’s devices, which was previously discovered to be exploited by Israeli company NSO Group.
FORCEDENTRY is the zero-click exploit in question, a hole in iMessage that could be used to bypass iOS security and install spyware, allowing attackers to collect a plethora of information including contacts, emails, files, conversations, and images, as well as access to the phone’s camera and microphone.
REIGN, QuaDream’s spyware, works similarly to NSO Group’s Pegasus in that it gives users complete control over their devices. Apple fixed the fundamental flaw in September 2021 and later sued NSO Group for utilizing the exploit to launch surveillanceware attacks on iPhones.
The news comes after The New York Times published an explosive expose late last month detailing the CIA’s use of Pegasus to combat terrorism in Djibouti, as well as its acquisition by a number of countries, including India, Mexico, Saudi Arabia, and the United Arab Emirates.
The US Federal Bureau of Inquiry (FBI) “purchased and tested NSO software for years with plans to use it for domestic spying until the agency finally chose last year not to deploy the capabilities,” according to the year-long investigation.
Furthermore, the new Phantom system is thought to have been outfitted with the ability to target phone lines in the United States, contradicting the company’s prior statements that its spyware cannot be used on numbers with a +1 country code.
The FBI acknowledged to The Washington Post earlier this week that it had obtained a license to use the programme and test its capabilities on phones that used foreign SIM cards. The agency did note, however, that the software was only used “for product testing and evaluation,” and that it was never used operationally or to support any investigation.
