DNS Snooping on Apple iOS 14 Zero-Click Spyware KingsPawn
The NSO Group’s Pegasus malware blazed the trail for what we know now as zero-click spyware targeting mobile OSs, including Apple's iOS, for government use last year. They made such a splash that just last April, new spyware market player QuaDream released what we could consider Pegasus’s relative—KingsPawn.
Meanwhile, Microsoft published an in-depth study of KingsPawn where they named 64 domains as indicators of compromise (IoCs).
We scoured the DNS for other potentially KingsPawn-related artifacts and found: