A second company took advantage of iPhone vulnerability that enabled Pegasus hack
It looks like NSO Group, the Israeli-based technology firm that hacked the iPhone with its Pegasus spyware, isn't the only company to exploit Apple's iMessage vulnerability in 2021 (via AppleInsider). It turns out there was a second Israeli company, called QuaDream, that also, at the same time as NSO Group, used the exact same vulnerability to hack iPhones.
In a statement, a spokesperson from NSO Group said that their company 'did not cooperate' with QuaDreamand that 'the cyber intelligence industry continues to grow rapidly globally.'
QuaDream, just like NSO Group, has its own sophisticated spyware called REIGN. Just like NSO Group's Pegasus, REIGN can take control of your phone and use its cameras and microphones to spy on you and record your calls. REIGN can also collect your personal information and see your messages, photos, and emails.
Both NSO Group and QuaDream exploited the way iMessage accepted and interpreted GIFs. They used a PDF file, masked as a GIF, with a script of logical commands, which controlled the spyware without the need for a command-and-control server.
Also read:
QuaDream, just like NSO Group, has its own sophisticated spyware called REIGN. Just like NSO Group's Pegasus, REIGN can take control of your phone and use its cameras and microphones to spy on you and record your calls. REIGN can also collect your personal information and see your messages, photos, and emails.
When Apple found out about the exploited vulnerability in iMessage, it released a patch that fixed the flaw, so the exploits used by both NSO Group and QuaDream shouldn't work anymore on updated iPhones.
Both NSO Group and QuaDream exploited the way iMessage accepted and interpreted GIFs. They used a PDF file, masked as a GIF, with a script of logical commands, which controlled the spyware without the need for a command-and-control server.
Also read:
Things that are NOT allowed: