comscore iPhone flaw exploited by second Israeli spy firm: All you need to know about it
News

Two Israeli firms used ForcedEntry exploit to spy on iPhone users: What it is, how to safeguard yourself

Apple rolled out a fix for this bug with iOS 14.8, iPadOS 14.8, macOS 11.6 and watchOS 7.6.2 update last year.

apple-logo- (1)

(Representational Image)


Apple last year sued NSO Group for using its Pegasus spyware for snooping on iPhone users. Now, a report has detailed that not one but two Israeli firms exploited flaws in iOS to spy on iPhone users.
According to a Reuters report, the bug in iOS that the NSO Group used for spying on iPhone users was also used by a second Israeli firm called QuaDream for similar purposes. QuaDream is a small and a low profile Israeli company that develops smartphone hacking tools for government clients just like the NSO Group. Also Read - Apple M2 MacBook Air will be available starting July 15, Pre-orders to start in early July

The report also said that both the spyware firms gained the ability to remotely break into iPhones last year. Simply said, both the firms could hack into Apple’s iPhones without an owner needing to open a malicious link. Both the companies used a hacking technique called ForcedEntry to gain access to users’ iPhones. Citizen Lab security researcher Bill Marczak told the news agency that QuaDream’s spyware tool called ‘Reign’ was ‘on par’ with NSO Group’s Pegasus spyware. Also Read - Man uses Apple AirTags to recover stolen Range Rover

What is ForcedEntry exploit?

ForcedEntry is a zero-click exploit used for targeting iPhone users. Kaspersky Security explains that a zero-click exploit is the one wherein a malicious software can be installed on a device without the victim clicking on any link. These attacks are more dangerous as they leave fewer traces of any malicious activity. Also Read - 'As it Was' by Harry Styles was one of the biggest tracks on Apple Music this year

ForcedEntry exploit, in particular, uses PDF files disguised as GIF files to install a malicious piece of code in Apple’s CoreGraphics system, circumventing Apple’s BlastDoor security mechanism that was introduced in iOS 14 to defend against such hacks. This hack can be used to gain access to all devices running on iOS 14 and older iOS versions.

What is QuaDream and what is it doing?

QuaDream is a spyware firm just like the NSO group. Its flagship spyware tool is called Reign, which is its equivalent of Pegasus spyware. According to the report, Reign can take control of a smartphone, look up instant messages from services such as WhatsApp, Telegram, and Signal,emails, photos, texts and contacts. Additionally, it can be used for “real time call recordings”, “camera activation – front and back” and “microphone activation”.

Furthermore, the report says that over the years QuaDream’s buyers have also overlapped with NSO’s. Sources told the news agency that one of QuaDream’s first clients was the Singaporean government. Its technology was pitched to the Indonesian government but it remains uncertain if the Indonesian government ever became a client.

What has Apple done to fix this?

Apple, on learning about the vulnerability, rolled out iOS 14.8, iPadOS 14.8, macOS 11.6 and watchOS 7.6.2 last year to fix this flaw. The company also notified the small number of affected users that they may have been targeted by the spyware firm.

In addition to that, it sued the NSO Group for compromising the safety and privacy of Apple device users. “To prevent further abuse and harm to its users, Apple is also seeking a permanent injunction to ban NSO Group from using any Apple software, services, or devices,” Apple had written in a blog post at the time.

How can I protect myself?

As mentioned before, Apple rolled out a fix for this bug last year. If you are running the latest version of Apple’s OSes on your devices, you don’t have anything to worry about. However, if you are still running an older version of iOS or macOS, it is advisable that you download the latest version on your device now.

For the latest tech news across the world, latest PC and Mobile games, tips & tricks, top-notch gadget reviews of most exciting releases follow BGR India’s Facebook, Twitter, subscribe our YouTube Channel. Also follow us on  Facebook Messenger for latest updates.
  • Published Date: February 4, 2022 2:41 PM IST



new arrivals in india