Pierluigi Paganini April 18, 2023

The Israeli surveillance firm QuaDream is allegedly shutting down its operations after Citizen Lab and Microsoft uncovered their spyware.

Last week Citizen Lab researchers reported that at least five civil society members were victims of spyware and exploits developed by the Israeli surveillance firm QuaDream.

The victims include journalists, political opposition figures, and an NGO worker located in North America, Central Asia, Southeast Asia, Europe, and the Middle East. The researchers also believe that the threat actors used a suspected iOS 14 zero-click exploit to deploy QuaDream’s spyware.

The zero-day exploit, dubbed ENDOFDAYS, appears to work against iOS versions 14.4 and 14.4.2, and possibly other versions. ENDOFDAYS relies on invisible iCloud calendar invitations sent from the spyware’s operator to victims.

News of the day is that the Israeli surveillance firm QuaDream is allegedly ceasing its operations in the coming days after its activity was exposed by Citizen Lab and Microsoft researchers.

According to the Israeli newspaper Calcalist, citing unnamed sources, all of QuaDream’s employees were notified they are set to be laid off and called in for a hearing. The company is set to cease its operations in the coming days.

“According to sources, the company has been in a difficult situation for several months, and the research was the last nail in its coffin. The company hasn’t been fully active for a while and it is believed that there are only two employees left in its offices whose job it is to look after the computers and other equipment.” reported the Calcalist. “At the same time, the board of directors is trying to sell the company’s intellectual property.”

The Israeli business newspaper revealed that the members of the board of directors of the company are attempting to sell its intellectual property.

In the last couple of years, other Israeli surveillance firms, like NSO Group and Candiru, made the headlines because their spyware was used by totalitarian regimes to spy on journalists, dissidents, and government opposition.

Please vote for Security Affairs (https://securityaffairs.com/) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS
Vote for me in the sections:

• The Teacher – Most Educational Blog
• The Entertainer – Most Entertaining Blog
• The Tech Whizz – Best Technical Blog
• Best Social Media Account to Follow (@securityaffairs)

Please nominate Security Affairs as your favorite blog.

Nominate here: https://docs.google.com/forms/d/e/1FAIpQLSfaFMkrMlrLhOBsRPKdv56Y4HgC88Bcji4V7OCxCm_OmyPoLw/viewform

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, QuaDream)