QuaDream—QuaDream shut down after Citizen Lab exposé revealed civil society targeting across five continents
In April 2023, Citizen Lab and Microsoft published research identifying at least five civil society victims of QuaDream's REIGN spyware across North America, Central Asia, Southeast Asia, Europe, and the Middle East. Victims included journalists, political opposition figures, and an NGO worker. The spyware exploited a zero-click iOS vulnerability. Five days after the exposé, QuaDream shut down after failing to receive Israeli Defense Ministry authorization to sell to new clients. The company fired all employees. The closure followed Israel blocking a potential sale to Morocco.
Scoring Impact
| Topic | Direction | Relevance | Contribution |
|---|---|---|---|
| Authoritarian Compliance | +toward | primary | -1.00 |
| Digital Safety for Vulnerable Users | -against | primary | -1.00 |
| Press Freedom | -against | primary | -1.00 |
| Overall incident score = | -1.020 | ||
Score = avg(topic contributions) × significance (critical ×2) × confidence (0.68)× agency (reactive ×0.75)
Evidence (2 signals)
Shut down after Israeli government blocked export licenses following Citizen Lab/Microsoft exposé
QuaDream shut down in April 2023 after failing to receive Israeli Defense Ministry authorization to sell REIGN to new clients. The closure followed a Citizen Lab/Microsoft exposé documenting targeting of journalists and activists. Israel blocked a major deal with Morocco amid fallout from NSO Group's global surveillance scandals.
Citizen Lab identified civil society victims across five continents targeted by QuaDream spyware
In April 2023, Citizen Lab and Microsoft identified at least five civil society victims of QuaDream's REIGN spyware in North America, Central Asia, Southeast Asia, Europe, and the Middle East. Victims included journalists, political opposition figures, and an NGO worker. The ENDOFDAYS exploit used invisible iCloud calendar invitations to infect iOS devices.