What is Zero-click spyware?

• Zero-click spyware refers to a category of spyware that can infiltrate a device without requiring any interaction from the user. The term “zero-click” indicates that the user doesn’t need to perform any action, such as clicking a link or opening a file, for the spyware to be installed.

An Overview of Spyware:

• Spyware is a type of software designed to covertly monitor and gather data about a person's activities without their consent or awareness. Its capabilities include tracking keystrokes, browsing habits, and more. Advertisers, hackers, and even governments often use it for malicious objectives.

A Look into ENDOFDAYS:

• A zero-click spyware campaign dubbed ENDOFDAYS has been discovered by Microsoft and Citizen Lab. This campaign targets high-risk individuals.
  • The Creator: QuaDream, an Israeli company, is found to have developed a commercial spyware known as “KingsPawn” which exploits iPhones of high-risk individuals using a zero-click exploit referred to as “ENDOFDAYS.”
    • The spyware exploited invisible iCloud calendar invitations to infiltrate iPhones running iOS versions 1.4 to 14.4.2.
  • The Targets: The spyware targeted individuals from diverse backgrounds and locations, including North America, Central Asia, Southeast Asia, Europe, and the Middle East. The victims were primarily civil society members.
    • The victims included journalists, political dissidents, and workers from non-governmental organizations.
    • The spyware was equipped with an extensive range of capabilities, including recording phone calls and audio, capturing images, hijacking the phone’s Anisette framework to generate login codes for arbitrary dates, tracking location, and executing various file system operations.

Why is it Important?

• The discovery of this spyware brings to light the magnitude of the mercenary spyware industry and emphasizes the need for vigilance by researchers and potential targets.
• The absence of governmental regulations to control the spread of commercial spyware could lead to an increase in instances of misuse, both from recognized companies and those operating covertly.
• The QuaDream spyware campaign serves as a reminder that even individuals with high profiles are not immune to cyberattacks.