Reports from around the world indicate that a new computer program is being used to monitor journalists, opposition figures, and humanitarian activists. A joint investigation by Microsoft and Citizen Lab traced how this tool, developed by a discreet Israeli company, operates and who may be using it.
Microsoft researchers describe the firm as a cyber-operations group selling a platform for state intelligence work under the name REIGN. They say it is aimed at ensuring compliance with national laws, though separate studies from the University of Toronto’s Research Center point to at least five instances of targeting civil society networks in places such as Bulgaria, the United Arab Emirates, Ghana, Hungary, Israel, Mexico, the Czech Republic, Romania, Singapore, and Uzbekistan. Reports also indicate that Moroccan and Indonesian authorities have engaged with the service.
This list of deployments concerns researchers who have documented the use of other spying tools to breach digital and human rights standards. Notably, in Mexico, the United Arab Emirates, and Hungary, activities against critical journalists, opposition politicians, and activists have been reported. While it remains unclear whether the Israeli government has used this specific tool, there is historical precedent showing the use of similar technologies against Israel in various contexts.
pega-similarity method
QuaDream’s spying program appears to rely on security flaws found in certain iOS versions, such as 14.4 and 14.4.2. The technique involves sending crafted calendar invitations to install malware and gain access to a victim’s mobile device.
The resulting access can enable data exfiltration, eavesdropping on calls, and activation of the camera and microphone. The effectiveness can be reduced by timely system updates, but the approach remains a concern for device security.
This approach bears similarities to Pegasus, a well-known espionage platform developed by an Israeli firm, which has been linked to targeting a broad set of individuals in political and public life across multiple regions.
what is known about QuaDream?
Details about QuaDream are limited. The company operates with limited transparency and does not maintain a public website. Investigations identify the founding year as 2016 and name its founders as Ian Dabelstein, Guy Geva, and Nemrut Rinsky. Dabelstein is described as a former Israeli military officer who became the company’s managing director and largest shareholder. The other founders previously worked with NSO Group, the creator behind Pegasus. Current involvement of these individuals with QuaDream remains unclear, and the role of Avi Rabinowitz has been mentioned as a potential CEO.
Meta has reported discovering approximately 250 user accounts that were used to test QuaDream’s hacking capabilities, including devices running iOS and Android.
The company reportedly does not sell its spyware directly to governments. Instead, a Cypriot intermediary, InReach, is cited as a conduit. InReach connections suggest potential clients in the region, with media coverage indicating involvement by Saudi interests.