Israeli spy tech firm said shut after report found it targeted foreign activists

QuaDream’s trouble began last week when watchdog revealed its REIGN program is used to surveil journalists and dissidents around globe; only two remain employed to guard equipment

File: Hungarian investigative journalist Szabolcs Panyi, whose number was on a leaked list of phones reportedly being targeted by Israeli-made spyware, looks at his mobile phone on July 20, 2021, in Budapest (GERGELY BESENYEI/AFP)
File: Hungarian investigative journalist Szabolcs Panyi, whose number was on a leaked list of phones reportedly being targeted by Israeli-made spyware, looks at his mobile phone on July 20, 2021, in Budapest (GERGELY BESENYEI/AFP)

An Israeli surveillance firm, which was found last week to have sold phone hacking software used by countries to target journalists and opposition figures, is closing down, Hebrew media reported on Sunday.

QuaDream, which has been in dire financial straits in recent months, received a critical blow upon the release of findings last week by cybersecurity watchdog Citizen Lab, the Calcalist newspaper reported, citing sources within the company.

Employees were summoned for a pre-termination hearing on Sunday, the report said. The company is now practically defunct, with only two people remaining employed to ensure the safety of the remaining equipment, while the firm sells off its intellectual property.

QuaDream is a smaller competitor of Israel’s NSO Group, which was blacklisted by the US in 2021 for its ties to the illegal surveillance of government officials, journalists, dissidents, and others often paid by authoritarian regimes.

Citizen Lab identified clients of QuaDream’s REIGN program in Bulgaria, the Czech Republic, Hungary, Ghana, Israel, Mexico, Romania, Singapore, the United Arab Emirates, and Uzbekistan.

REIGN’s “Premium Collection” capabilities included “real-time call recordings, camera activation — front and back,” and “microphone activation,” according to a company brochure uncovered by Citizen Lab.

The brochure said the cost of being able to launch 50 smartphone break-ins per year was $2.2 million, exclusive of maintenance costs. But two sources familiar with sales of the software said the price for REIGN was typically higher, Citizen Lab found.

“Once QuaDream infections become discoverable through technical methods, a predictable cast of victims emerged: civil society and journalists,” the Citizen Lab report stated, though it did not identify the alleged targets.

In a separate report also published Tuesday, Microsoft said it believed with high confidence that spyware found on several civil society activists’ phones was “strongly linked to QuaDream.”

Citizen Lab researcher Bill Marczak told The Wall Street Journal that QuaDream’s hacking technology is as sophisticated as NSO Group’s, though it took greater pains than the more well-known group to hide its fingerprints on the devices targeted by its spyware.

QuaDream did not respond to requests for comment.

Reuters reported last year that QuaDream’s technology was developed in 2021 to allow clients to break into iPhones without the target needing to click a link, around the same time as NSO Group developed its own software.

The companies exploited the same vulnerabilities hidden inside Apple’s instant messaging platform. The exploits were so similar that when Apple fixed the underlying flaws in September 2021 it rendered both NSO and QuaDream’s software ineffective, two people familiar with the matter told the news agency last year.

NSO says it sells its hacking software, Pegasus, only to governments for the purpose of fighting crime and terrorism, and all sales require approval from the Defense Ministry. While maintaining it has safeguards in place to prevent abuse, NSO says it has no control over how a client uses the product and no access to the data they collect. It says it has terminated several contracts due to inappropriate use of Pegasus.

NSO has been involved in numerous scandals in recent years and has faced a torrent of international criticism over allegations it helps governments, including dictatorships and authoritarian regimes, spy on dissidents and rights activists.

But unlike NSO, QuaDream has kept a lower profile despite serving some of the same government clients. A source familiar with the company told Reuters it has no website touting its business, and its employees have been told to keep any reference to their employer off social media.

QuaDream was founded in 2016 by Ilan Dabelstein, a former Israeli military official, and by two former NSO employees, Guy Geva and Nimrod Reznik, according to Israeli corporate records and two people familiar with the business, the report said.

QuaDream and NSO Group have employed some of the same engineering talent over the years, three people familiar with the matter said. However, in line with NSO’s spokesperson, two of those sources said the companies did not collaborate on their iPhone hacks, with each coming up with their own ways to take advantage of vulnerabilities.

One of QuaDream’s first clients was the Singaporean government, two of the sources claimed. Documentation reviewed by Reuters showed the company also pitched its software to the Indonesian government. It was not clear if Indonesia became a client, the report said.

Several of QuaDream’s buyers — including Saudi Arabia — have also overlapped with NSO’s, four of the sources were quoted as telling Reuters last year.

In 2021, it was reported that QuaDream began working with Saudi Arabia following the killing of dissident journalist Jamal Khashoggi. Riyadh reportedly lost its license for NSO’s Pegasus after it was allegedly used in the lead-up to Khashoggi’s murder in 2018.

Most Popular
read more: