Citizen Lab said in its report that it had been able to identify a handful of civil society victims whose iPhones had been hacked using surveillance software developed by the Israeli company, QuaDream Ltd – a lower-profile competitor to the Israeli spyware company NSO Group, which has been blacklisted by the US government over allegations of abuse.
In its report published at the same time, Microsoft announced it believed with “high confidence” that the spyware was “strongly linked to QuaDream.”
In a statement, Microsoft Associate General Counsel Amy Hogan-Burney stated that mercenary hacking groups like QuaDream “thrive in the shadows” and that publicly outing them was “essential to stopping this activity.”
Reuters reported in 2022 that QuaDream had previously developed a no-interaction-needed hacking tool similar to the programs deployed by NSO. Such hacking tools, known as “zero-click,” are particularly prized by cybercriminals, spies, and law enforcement because they can remotely compromise devices without an owner needing to open a malicious link or download a tainted attachment.
NSO did not immediately return a message seeking comment.
Neither Citizen Lab nor Microsoft identified the targets of QuaDream’s software, but the allegation could still be damaging for the firm.
The reports come on the heels of an announced crackdown on the international spyware industry by US President Joe Biden. Last month, the White House announced an executive order intended to curb the purchase of surveillance software by US agencies if the programs are also being used by repressive governments abroad.
The White House did not immediately respond to a message seeking comment.
Unlike NSO, which regularly briefed journalists amid allegations of abuse, QuaDream has kept a lower profile. The company has no website touting its business and employees have been told to keep any reference to their employer off social media, Reuters has previously reported.