An Israeli company QuaDream is discovered to have created a commercial spyware dubbed “KingsPawn” that targets high-risk individuals’ iPhones using a zero-click exploit. Click here to know more about Zero-Click Spyware and QuaDream Spyware. This topic is important for the IAS exam GS-3 segment.
Zero-click spyware:
- It refers to a type of spyware that can be installed on a device without any interaction or action required from the user. The term “zero-click” implies that no action from the user is needed, such as clicking on a link or opening an attachment, for the spyware to be installed.
Spyware:
- It is a software that secretly monitors and collects information about a person’s activity without their knowledge or consent. It can track keystrokes, web browsing, and more. It is often used by advertisers, hackers, or governments for malicious purposes.
ENDOFDAYS:
- Microsoft and Citizen Lab have found a zero-click spyware campaign, called ENDOFDAYS, which was used to target high-risk individuals.
- Creator: An Israeli company QuaDream is discovered to have created a commercial spyware dubbed “KingsPawn” that targets high-risk individuals’ iPhones using a zero-click exploit called “ENDOFDAYS.”
- The spyware used invisible iCloud calendar invitations to access iPhones running iOS 1.4 up to 14.4.2.
- Target: The victims of this spyware campaign include at least five civil society individuals in various locations including North America, Central Asia, Southeast Asia, Europe, and the Middle East.
- Among these victims were journalists, political opposition figures, and an NGO worker.Â
- The spyware was designed with a wide range of features allowing it to record phone calls, audio, and take pictures. It could also hijack the phone’s Anisette framework and generate login codes for arbitrary dates, track location, and perform various file system operations.
- Creator: An Israeli company QuaDream is discovered to have created a commercial spyware dubbed “KingsPawn” that targets high-risk individuals’ iPhones using a zero-click exploit called “ENDOFDAYS.”
Importance:
- This report highlights the size of the mercenary spyware industry and the need for ongoing vigilance by researchers and potential targets.
- Without government regulations to curb the proliferation of commercial spyware, cases of abuse are likely to increase from both well-known companies and those operating in the shadows.
- The QuaDream spyware campaign shows that even high-profile individuals are vulnerable to cyberattacks.
Zero Click Spyware [UPSC Notes]:- Download PDF Here
| Related Links | |||
| Pegasus Spyware | Global Cybersecurity | ||
| Cyber Security | Types of Cyber Attacks | ||
| International Telecommunication Union (ITU) | Hermit Spyware | ||
Comments