Reuters quoted five sources, describing it as “informed,” that a second Israeli company exploited a loophole in Apple’s software, at the same time that the Israeli “NSO” electronic intelligence group managed to hack the iPhone in 2021.
The sources said that “Qua Dream” is a smaller and less well-known company that develops smart phone hacking tools for government clients.
And last year, the two rival companies gained the ability to remotely hack iPhones, according to the five sources, which means that the two companies can put Apple phones at risk without their owners opening malicious links.
In 2021, NSO found itself at the center of a global espionage scandal after an investigation published by 17 international media outlets as of July 18 revealed that the company’s Pegasus software was used to spy on at least 180 journalists and 600 personalities. Politicians, 85 human rights activists, and 65 company owners in several countries.
An expert in this regard said that two companies’ use of one advanced method known as “Zero Click” proves that phones are more vulnerable to effective digital spying tools than the phone industry admits.
“People want to think they’re safe, and phone companies want you to think they’re safe. And what we’ve come to realize is that it isn’t,” said Dave Itel, a partner at Cordyceps Systems, a cybersecurity firm.
Experts – who have been analyzing the “NSO” and “Qua Dream” hacks since last year – believe that the two companies used very similar software methods known as “Forced Entry” to hack iPhone phones.
exploit loopholes
According to Reuters, three of the sources said that analysts believed that the two companies’ methods of hacking were similar because they exploited the same vulnerabilities in Apple’s instant messaging platform, and used a similar method to implant malware on the targeted devices.
The agency confirmed that it had made repeated attempts to reach Koa Dream for comment, and had sent letters to its executives and business partners.
Last week, a Reuters reporter visited the company’s office, in the Tel Aviv suburb of Ramat Gan, and no one answered the doorbell. The company’s lawyer did not respond to letters addressed to him, either.
An Apple spokesperson declined to comment on the Qua Dream case or say whether Apple intends to take any steps with respect to the Israeli company.
Two sources familiar with the matter said that the similarities between the two companies’ hacking methods were so strong that their spyware became useless when Apple fixed the vulnerabilities in September 2021.
A spokeswoman for NSO said her company “has not cooperated” with Koa Dream, but that “the cyber-intelligence industry continues to grow rapidly globally.”
Apple sued NSO Group in November, accusing it of violating its terms of use and services agreement with respect to its phones. The case is still in its early stages.
