In November, Apple sued NSO Group over its repeated use of zero-click iPhone exploits to help malicious actors spy on iPhone users. Since then, many political activists have said they have been notified by Apple that they were targeted by NSO Group’s ‘ForcedEntry’ attack.

However, it seems that more than just NSO Group had knowledge of the flaw. Today, Reuters reports that a similar exploit has also been discovered and exploited by another Israeli firm called QuaDream.

Just like NSO Group, QuaDream also develops hacking tools that are then sold on to government clients.

The report says that both QuaDream and NSO Group began using the zero-click hack in 2021, with allows an iPhone to be compromised simply by receiving a specially-crafted iMessage payload with no user interaction required.

Reuters says that the ForcedEntry exploit named by Apple in relation to NSO Group is very similar to what QuaDream used. The good news is that also means the bug fixes Apple rolled out with iOS 14.8 and later should also prevent QuaDream’s exploit from working going forward. (It is currently unknown whether these firms have been able to develop new exploits that can attack iOS 15 devices.)

NSO Group has developed a rather public profile of facilitating iPhone and Android spying work across several years. Apple finally brought legal action in November 2021, saying NSO Group should be held accountable for the surveillance and targeting of Apple users.

FTC: We use income earning auto affiliate links. More.


Check out 9to5Mac on YouTube for more Apple news:

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

About the Author

Benjamin Mayo

Benjamin develops iOS apps professionally and covers Apple news and rumors for 9to5Mac. Listen to Benjamin, every week, on the Happy Hour podcast. Check out his personal blog. Message Benjamin over email or Twitter.