In a talk at the Objective by the Sea – security conference in Hawaii, Bill Marczak, a senior researcher at The Citizen Lab, and Microsoft’s Christine Fossaceca provided an in-depth analysis of the discovery of QuaDreams’ spyware technology.
In April 2023, we published a report that described an Israeli spyware vendor’s technology that was used to target the iPhones of civil society members. The suspected exploit, which we call ENDOFDAYS, appears to make use of invisible iCloud calendar invitations sent from the spyware’s operator to victims.
Marczak and Fossaceca highlight the use of a zero-click exploit, which is delivered through malicious calendar invites, allowing attackers to compromise iPhones without any notification to the target or requiring any action from the target. In 2023, Citizen Lab released a report, Sweet QuaDreams, which details findings based on samples shared by Microsoft Threat Intelligence. The report uncovered how these spyware tools were used by threat actors to spy on at least five individuals across ten countries.
Watch it on Youtube: