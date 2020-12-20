U.S. markets closed

  • S&P 500

    3,709.41
    -13.07 (-0.35%)
     

  • Dow 30

    30,179.05
    -124.35 (-0.41%)
     

  • Nasdaq

    12,755.64
    -9.06 (-0.07%)
     

  • Russell 2000

    1,969.99
    -8.06 (-0.41%)
     

  • Crude Oil

    49.08
    -0.02 (-0.04%)
     

  • Gold

    1,886.80
    -2.10 (-0.11%)
     

  • Silver

    26.00
    -0.03 (-0.13%)
     

  • EUR/USD

    1.2228
    -0.0048 (-0.39%)
     

  • 10-Yr Bond

    0.9480
    +0.0180 (+1.94%)
     

  • GBP/USD

    1.3420
    -0.0159 (-1.17%)
     

  • USD/JPY

    103.4410
    +0.3430 (+0.33%)
     

  • BTC-USD

    24,157.63
    +314.47 (+1.32%)
     

  • CMC Crypto 200

    440.19
    +1.88 (+0.43%)
     

  • FTSE 100

    6,529.18
    -21.88 (-0.33%)
     

  • Nikkei 225

    26,763.39
    -43.31 (-0.16%)
     

Dozens of journalists' iPhones hacked with NSO 'zero-click' spyware, says Citizen Lab

Zack Whittaker
·6 min read

Citizen Lab researchers say they have found evidence that dozens of journalists had their iPhones silently compromised with spyware known to be used by nation states.

For more than the past year, London-based reporter Rania Dridi and at least 36 journalists, producers and executives working for the Al Jazeera news agency were targeted with a so-called "zero-click" attack that exploited a now-fixed vulnerability in Apple's iMessage. The attack invisibly compromised the devices without having to trick the victims into opening a malicious link.

Citizen Lab, the internet watchdog at the University of Toronto, was asked to investigate earlier this year after one of the victims, Al Jazeera investigative journalist Tamer Almisshal, suspected that his phone may have been hacked.

In a technical report out Sunday and shared with TechCrunch, the researchers say they believe the journalists' iPhones were infected with the Pegasus spyware, developed by Israel-based NSO Group.

The researchers analyzed Almisshal's iPhone and found it had between July and August connected to servers known to be used by NSO for delivering the Pegasus spyware. The device revealed a burst of network activity that suggests that the spyware may have been delivered silently over iMessage.

Logs from the phone show that the spyware was likely able to secretly record the microphone and phone calls, take photos using the phone's camera, access the victim's passwords, and track the phone's location.

Citizen Lab analyzed the network logs of two hacked iPhones and found it could record ambient calls, take photos using the camera, and track the device's location without the victim knowing. (Image: Citizen Lab)

Citizen Lab said the bulk of the hacks were likely carried out by at least four NSO customers, including the governments of Saudi Arabia and the United Arab Emirates, citing evidence it found in similar attacks involving Pegasus.

The researchers found evidence that two other NSO customers hacked into one and three Al Jazeera phones respectively, but that they could not attribute the attacks to a specific government.

A spokesperson for Al Jazeera, which just broadcast its reporting of the hacks, did not immediately comment.

NSO sells governments and nation states access to its Pegasus spyware as a prepackaged service by providing the infrastructure and the exploits needed to launch the spyware against the customer's targets. But the spyware maker has repeatedly distanced itself from what its customers do and has said it does not who its customers target. Some of NSO's known customers include authoritarian regimes like China and Russia. Saudi Arabia allegedly used the surveillance technology to spy on the communications of columnist Jamal Khashoggi shortly before his murder, which U.S. intelligence concluded was likely ordered by the kingdom's de facto ruler, Crown Prince Mohammed bin Salman.

Citizen Lab said it also found evidence that Dridi, a journalist at Arabic television station Al Araby in London, had fallen victim to a zero-click attack. The researchers said Dridi was likely targeted by the UAE government.

In a phone call, Dridi told TechCrunch that her phone may have been targeted because of her close association to a person of interest to the UAE.

Dridi's phone, an iPhone XS Max, was targeted for a longer period, likely between October 2019 and July 2020. The researchers found evidence that she was targeted on two separate occasions with a zero-day attack — the name of an exploit that has not been previously disclosed and that a patch is not yet available — because her phone was running the latest version of iOS both times.

"My life is not normal anymore. I don't feel like I have a private life again," said Dridi. "To be a journalist is not a crime," she said.

Citizen Lab said its latest findings reveal an "accelerating trend of espionage" against journalists and news organizations, and that the growing use of zero-click exploits makes it increasingly difficult — though evidently not impossible — to detect because of the more sophisticated techniques used to infect victims' devices while covering their tracks.

When reached on Saturday, NSO said it was unable to comment on the allegations as it had not seen the report, but declined to say when asked if Saudi Arabia or the UAE were customers or describe what processes — if any — it puts in place to prevent customers from targeting journalists.

"This is the first we are hearing of these assertions. As we have repeatedly stated, we do not have access to any information related to the identities of individuals upon whom our system is alleged to have been used to conduct surveillance. However, when we receive credible evidence of misuse, combined with the basic identifiers of the alleged targets and timeframes, we take all necessary steps in accordance with our product misuse investigation procedure to review the allegations," said a spokesperson.

“We are unable to comment on a report we have not yet seen. We do know that CitizenLab regularly publishes reports based on inaccurate assumptions and without a full command of the facts, and this report will likely follow that theme NSO provides products that enable governmental law enforcement agencies to tackle serious organized crime and counterterrorism only, but as stated in the past, we do not operate them. Nevertheless, we are committed to ensuring our policies are adhered to, and any evidence of a breach will be taken seriously and investigated.”

Citizen Lab said it stood by its findings.

Spokespeople for the Saudi and UAE governments in New York did not respond to an email requesting comment.

The attacks not only puts a renewed focus on the shadowy world of surveillance spyware, but also the companies having to defend against it. Apple rests much of its public image on advocating privacy for its users and building secure devices, like iPhones, designed to be hardened against the bulk of attacks. But no technology is impervious to security bugs. In 2016, Reuters reported that UAE-based cybersecurity firm DarkMatter bought a zero-click exploit to target iMessage, which they referred to as "Karma." The exploit worked even if the user did not actively use the messaging app.

Apple told TechCrunch that it had not independently verified Citizen Lab's findings but that the vulnerabilities used to target the reporters were fixed in iOS 14, released in September.

“At Apple, our teams work tirelessly to strengthen the security of our users’ data and devices. iOS 14 is a major leap forward in security and delivered new protections against these kinds of attacks. The attack described in the research was highly targeted by nation-states against specific individuals. We always urge customers to download the latest version of the software to protect themselves and their data," said an Apple spokesperson.

NSO is currently embroiled in a legal battle with Facebook, which last year blamed the Israeli spyware maker for using a similar, previously undisclosed zero-click exploit in WhatsApp to infect some 1,400 devices with the Pegasus spyware.

Facebook discovered and patched the vulnerability, stopping the attack in its tracks, but said that more than 100 human rights defenders, journalists and "other members of civil society" had fallen victim.

WhatsApp blames — and sues — mobile spyware maker NSO Group over its zero-day calling exploit

    U.S. President Donald Trump has signed a bill calling for the delisting of foreign companies that don't adhere to the same accounting transparency standards that securities regulators impose on public U.S. firms.Why It Matters: The Holding Foreign Companies Accountable Act takes aim at Chinese companies and drew rare strong bipartisan support in the U.S. Congress before arriving on Trump's desk.The act says delisting could happen if a given company doesn't comply with audit inspections three years in a row.China's government does not allow the board to perform audit inspections of Chinese companies listed in the US. Audit inspections are performed on other U.S.-listed companies by the Public Company Accounting Oversight Board, set up after accounting scandals such as the one that blew up Enron in the early 2000s.Chinese companies listed in the U.S. have been embroiled in financial scandals in the past -- including Luckin Coffee Inc - ADR (OTC: LKNCY) this year, which led to a Nasdaq delisting.Sixteen Chinese companies have delisted since February 2019, according to a government report in October.Carson Block, who has made himself a short-selling star through his investigations into Chinese companies, has called for the delisting of Chinese firms, saying to Bloomberg last month: "This is China and the Chinese stock promotion, manipulation fraud machine laughing in the face of the SEC."What's Next: Markets now await any news on specific delistings. The bill could affect 217 Chinese companies, including popular stocks such as Alibaba Group Holding Ltd - ADR (NYSE: BABA), JD.Com Inc (NASDAQ: JD), Nio Inc - ADR (NYSE: NIO), Xpeng Inc - ADR (NYSE: XPEV) and Li Auto Inc. (NASDAQ: LI).But because of the three-year compliance timeline in the act, delistings may not be imminent.The author of this article holds shares in Luckin Coffee and an inverse ETF that tracks the downward performance of Chinese companies listed in Hong Kong.Photo credit: Xpeng Motor Technology Ltd.See more from Benzinga * Click here for options trades from Benzinga * Klarna Could Follow Affirm Holdings In Delaying Anticipated 'Buy Now, Pay Later' Fintech IPO * FTSE Russell To Drop 8 Chinese Companies From Some Indices, In Response To US Blacklist(C) 2020 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.

    Using technical analysis of the charts of those stocks, and, when appropriate, recent actions and grades from TheStreet's Quant Ratings, we zero in on five names. While we will not be weighing in with fundamental analysis, we hope this piece will give investors interested in stocks on the way down a good starting point to do further homework on the names. Overstock.com Inc. recently was downgraded to Sell with a D+ rating by TheStreet's Quant Ratings.

  • Fed Decision Could Bring Bank Stocks Into Bull Market

    Traders waiting for a better moment to get into bank stocks may have gotten one.What Happened: The U.S. Federal Reserve Board released a statement after markets closed on Friday that clears the way for major banks to restart share repurchases.The decision was part of the Fed's stress-testing of banks amid the economic uncertainty of the pandemic. The board, seeing healthy capital reserves among the banks, passed the 33 firms it tested while also allowing them to restart limited share repurchasing. Such purchases had been paused earlier in the pandemic.Why It Matters: Though they have not done poorly, bank stocks haven't benefited as much from the 2020 bull market as other some other industries.The decision could change this going into the new year, as stock repurchases add support to share prices by boosting demand.According to Bloomberg, six biggest U.S. banks could buy back as much as $11 billion of shares in the first quarter of next year.Trading Action: The Fed announcement came at 4:30 EST on Friday. The Financial Select Sector SPDR Fund (NYSE: XLF), which includes major banks JPMorgan Chase & Co. (NYSE: JPM), Bank of America Corp (NYSE: BAC), Citigroup Inc (NYSE: C), Wells Fargo & Co (NYSE: WFC), Goldman Sachs Group Inc (NYSE: GS), and Morgan Stanley (NYSE: MS) in its holdings, closed up 3% in afterhours trading from Friday's close of $28.49. Photo credit: Joe Mabel, WikimediaSee more from Benzinga * Click here for options trades from Benzinga * Klarna Could Follow Affirm Holdings In Delaying Anticipated 'Buy Now, Pay Later' Fintech IPO * Ouch. Airbnb Hosts Missed Email Offering Them Pre-IPO Shares: NPR(C) 2020 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.

    On CNBC's "Mad Money Lightning Round," Jim Cramer said he believes in Charlie Scharf, the CEO of Wells Fargo & Co (NYSE: WFC). (The Federal Reserve Board gave banks the greenlight to restart share buybacks after the market close Friday.)MasTec, Inc. (NYSE: MTZ) is a winner, said Cramer. He likes infrastructure plays.Caterpillar Inc. (NYSE: CAT) could go to $200, said Cramer. He likes Deere & Company (NYSE: DE) more.Cramer likes Velodyne Lidar Inc (NASDAQ: VLDR) for that crowded space.Tupperware Brands Corporation (NYSE: TUP) is too hard to own, said Cramer. If he had bought it at a lower price, he would be selling now.Cramer would hold on to Freeport-McMoRan Inc (NYSE: FCX) even though it has already doubled. See more from Benzinga * Click here for options trades from Benzinga * 'Fast Money' Picks For December 21(C) 2020 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.

    Every week, Benzinga conducts a sentiment survey to find out what traders are most excited about, interested in or thinking about as they manage and build their personal portfolios.We surveyed a group of over 300 Benzinga investors on whether shares of AT&T Inc. (NYSE: T) or Verizon Communications Inc. (NYSE: VZ) stock would grow the most by 2022.AT&T Vs. Verizon Stock In 2020 wireless communication remains AT&T's largest business, contributing nearly 40% of revenue. As the second-largest U.S. wireless carrier, AT&T connects more than 100 million devices, including 63 million regular customers and 16 million prepaid customers.The consumer and entertainment segment, the company's second-largest revenue stream, includes the consumer fixed-line and DirecTV satellite television businesses, serving 20 million television and 14 million internet access customers.Meanwhile, Verizon is primarily a wireless business (70% of revenue and nearly all operating income). The company serves about 89 million regular and 4 million prepaid customers. Verizon connects another 24 million data devices, like tablets, via its nationwide network, making it the largest U.S. wireless carrier.As AT&T and Verizon are the nation's largest wireless carriers, it's expected they will be the most viable companies competing for the largest market share of 5G cellular technology in the coming years.Many respondents cited how they see Verizon leading the way in providing the most reliable 5G coverage in the near-term, and also noted the current video streaming partnership the company holds with Walt Disney Co (NYSE: DIS) and music streaming partnership with Apple Inc (NYSE: AAPL) as reasons Verizon is all the more attractive in 2021. Among the respondents, 62% told us Verizon will grow more over the next year, while 38% believe AT&T will experience greater gains by the end of 2022.This survey was conducted by Benzinga in December 2020 and included the responses of a diverse population of adults 18 or older.Opting into the survey was completely voluntary, with no incentives offered to potential respondents. The study reflects results from over 300 adults.Photo from Pixabay. See more from Benzinga * Click here for options trades from Benzinga * Will GE's Stock Reach By 2022? * Will Xpeng Or Li Auto Stock Grow More By 2022?(C) 2020 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.

    What do you get when you combine a quadruple witching day — the simultaneous expiration of single-stock options, single-stock futures, stock-index options and stock-index futures — with Tesla’s (NASDAQ:TSLA) inclusion to the S&P 500 and continued jawboning in D.C. heading into the weekend? A bumpy trading day, which is what we had Friday. Let’s look at some top stock trades.  Top Stock Trades for Monday No. 1: Darden Restaurants Click to EnlargeSource: Chart courtesy of StockCharts.com Darden Restaurants (NYSE:DRI) is somewhat muted after reporting earnings, down about 2% on the day.  The stock continues to slowly but surely inch its way higher after a wickedly volatile Q1 and Q2. Sheesh, look at that drop!InvestorPlace - Stock Market News, Stock Advice & Trading Tips On the upside, it’s vital that DRI takes out and closes above resistance at $125. If it can do that, it could kickstart a massive breakout rally.  7 Growth Stocks You Don't Want to Sleep On On the downside, see that DRI continues to hold the 10-week moving average and uptrend support (blue line). Below $105 could put the 50-week and 26-week moving averages in play.  Top Stock Trades for Monday No. 2: CrowdStrike Click to EnlargeSource: Chart courtesy of StockCharts.com CrowdStrike (NASDAQ:CRWD) broke to new highs on Friday, clearing $200 for the first time.  Take notice of this stock when it pushes through prior resistance. Each time the stock has broken over a key level, it has held that level as support going forward. This week, CRWD burst off the two-times range extension and cleared last week’s high.  For bulls that are still in this name, they can turn their attention toward $215. This level serves as the 261.8% extension for two different measures.  The first measure is from the Covid-19 low in March to the prior all-time high. The other measure is from the Q3 low to the Q3 high. This doesn’t mean CRWD will hit $215, only that it’s an upside area to keep an eye on.  As for the downside, new buyers are faced with a wide risk range for the time being, unless trading on a smaller timeframe.  Top Stock Trades for Monday No. 3: Winnebago (WGO) Click to EnlargeSource: Chart courtesy of StockCharts.com Winnebago (NYSE:WGO) is chugging higher on Friday, up more than 5% at close.  The stock is flirting with a breakout over the pre-coronavirus high from February. Above this level could put the June high in play near $72.50.  The 7 Worst Performing Stocks of 2020 If the stock can’t hold above $63, then look for WGO stock to retest the 21-day moving average. Below that could send shares into the $52 to $53 area. There it finds the 50-day and 100-day moving averages, as well as the backside of prior downtrend resistance (blue line).  Top Stock Trades for Monday No. 4: BlackBerry Click to EnlargeSource: Chart courtesy of StockCharts.com Down more than 15%, BlackBerry (NYSE:BB) is clearly having the opposite reaction to its earnings report.  In early December, shares of BlackBerry exploded higher, but if readers will recall, I highlighted the peculiar action as shares endured a huge fade from the session highs. Since then, BlackBerry had wound itself into a very tight wedge ahead of earnings.  Breaking lower, it’s not a good sign for bulls. Shares are also knifing through the 20-day moving average on Friday.   From here, see how the stock handles the gap-up low at $6.92. If it breaks this area and quickly reclaims it and the 21-day moving average, bulls will have a reversal low to trade against.  If BlackBerry shares break this area and can’t reclaim it, see if $6.50 acts as support. Below puts a potential gap-fill toward $6.20 on the table, along with a possible tag of the 50-day moving average.  On the date of publication, Bret Kenwell did not have (either directly or indirectly) any positions in any of the securities mentioned in this article. Bret Kenwell is the manager and author of Future Blue Chips and is on Twitter @BretKenwell.  More From InvestorPlace Why Everyone Is Investing in 5G All WRONG Top Stock Picker Reveals His Next 1,000% Winner Radical New Battery Could Dismantle Oil Markets The post 4 Top Stock Trades for Monday: DRI, CRWD, WGO, BB appeared first on InvestorPlace.

    Microsoft Corp (NASDAQ: MSFT) is designing in-house processors for server computers running on the company's cloud services, a development which will reduce reliance on Intel Corporation's (NASDAQ: INTC) chip technology, according to a Bloomberg report.Several chips stocks fell on the news.Intel shares traded down 6.3% to $47.46. The stock has a 52-week high of $69.29 and a 52-week low of $43.61.Advanced Micro Devices, Inc. (NASDAQ: AMD) closed down 0.95% at $95.92 per share.Nvidia Corporation (NASDAQ: NVDA) shares traded down 0.52% to $530.88. The stock has a 52-week high of $589.07 and a 52-week low of $180.68.Xilinx, Inc. (NASDAQ: XLNX) shares traded down 1.76% to $149.19. The stock has a 52-week high of $154.12 and a 52-week low of $67.68.Micron Technology, Inc. (NASDAQ: MU) shares traded down 1.11% to $71.46. The stock has a 52-week high of $74.60 and a 52-week low of $31.13.See more from Benzinga * Click here for options trades from Benzinga * Why Tesla's Stock Is Trading Higher Today * Why DraftKings And Flutter Are Trading Lower Today(C) 2020 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.

  • A Speculative Frenzy Is Sweeping Wall Street and World Markets

    (Bloomberg) -- Animal spirits are famously running wild across Wall Street, but crunch the numbers and this bull market is even crazier than it seems.Global stocks are now worth around $100 trillion. American companies have raised a record $175 billion in public listings. Some $3 trillion of corporate bonds are trading with negative yields.All the while the virus spreads, the economic cycle stays on life-support and businesses get thrashed by fresh lockdowns.Spurred by endless monetary stimulus and bets on a post-pandemic world, day traders and institutional pros alike are enjoying the easiest financial conditions in history.“Sentiment indicators are moving to euphoria,” said Cedric Ozazman, chief investment officer at Reyl & Cie in Geneva. “People are now jumping to invest amid fears they will miss the Santa Claus rally.”Here are the signs of market froth in this year of death, disease and economic calamity.IPO BoomNothing evokes a stock peak like a rush to the public markets. Debuts from Snowflake Inc. to Airbnb Inc. took this year’s initial public offerings volume to a record $175 billion in the U.S., data compiled by Bloomberg show.Special-purpose acquisition vehicles that raise money for a “blank check” company to buy whatever it wants have raised over $60 billion in 2020. That’s more than the previous decade combined.Investors still can’t get enough. The first-day return for IPOs averaged 40% this year, the highest ever other than 1999 and 2000, according to one estimate.All that has drawn unprecedented interest in the Renaissance IPO exchange-traded fund tracking new listings, up more than 100% this year this year. Even SPACs that haven’t announced an acquisition target are up almost 20% in 2020, Bespoke Investment Group noted.“If that isn’t a sign of exuberance, we don’t know what is!” Bespoke analysts wrote in a note.Stock RallyRobinhood traders have become the talk of Wall Street this year by speculating on everything from tech options to airline shares. With these retail investors chasing the equity rally along with institutional pros, the S&P 500 is trading with a sales multiple some 16% above the 2000 peak.Everything is going up. A Goldman Sachs basket of the most-shorted stocks in the Russell 3000 has surged about 40% this quarter, triple the broader index. High-beta shares are near their highest versus low-volatility ones since 2011.Every time the Russell 2000 has surged more than 95% off its trough, it has gone on to lose money over the next three months, according to SentimenTrader. It is now up roughly 100% from its March low.Options FrenzyBullish retail investors have plunged into the complex world of derivatives like never before this year. Over the last 20 days, a record average of roughly 22 million call contracts have traded each day across U.S. exchanges.Cboe’s equity put-call ratio has dropped near a decade low -- a sign traders have rarely ever been so hellbent on chasing upside in single stocks.Merger ManiaAnimal spirits in corporate boardrooms are another infamous sign of a market top. This quarter is shaping up to be the strongest for deal-making activity since 2016 after a record third quarter. S&P Global Inc. buying IHS Markit Ltd. and Advanced Micro Devices Inc. taking over Xilinx Inc. are among the blockbusters.With corporate cash balances rising in recent years and deal volume as a percentage of market value still below a long-time average, it is possible the recent activity is just the start.Europe Joins InEven Europe’s IPO market, which is much smaller in size than the one in the U.S. and less accustomed to big first-day pops, is going bananas.Among the 44 firms that have listed on European exchanges since Nov. 9 -- the day news of a coronavirus vaccine set off a bull run in equities -- the average gain has been 16%, according to data compiled by Bloomberg. About 70% of them are trading above their IPO price.“Given heightened equity valuations, IPOs are again a viable exit route for sponsors,” said Darrell Uden, global co-head of ECM at RBC Capital Markets.Credit ReboundIn a world of almost $18 trillion negative-yielding debt, investors have been forced to gorge on risky corporate bonds at record valuations.In the U.S., yields on junk bonds have tumbled far below levels at which high-grade borrowers could issue earlier this year.Even Carnival Corp., the fallen-angel cruise ship operator, has progressively cut funding premiums this year. The stockpile of negative-yielding corporate debt now stands at over $3 trillion.Emerging MarketsNaturally it’s boom times for emerging-market nations selling more than $730 billion in dollar and euro bonds in 2020, more than in any previous year.Even with political turmoil, Peru sold the lowest-yielding century bonds ever from a developing-economy government. Ivory Coast priced euro-denominated debt with a lower yield than last year, despite its participation in a G-20 debt relief initiative and an ongoing International Monetary Fund program.Bitcoin’s BackTo diehards, Bitcoin’s more than 200% surge this year on a wave of new money shows crypto’s time has come. To many on Wall Street, it’s just the latest sign of irrational exuberance.“We view it and other cryptocurrencies as ‘digital tulips.’ We have no way to value them,” Yardeni Research analysts including Ed Yardeni wrote in a note. “We do watch Bitcoin’s price action as a gauge of speculative excesses.”Its volatility is a hard pill to swallow for most but the likes of JPMorgan Chase & Co. and Nomura Holdings Inc. have noted plenty of interest, from family offices to trend-following quants.The virtual currency is surfing a wave of speculation for long-duration assets, from solar energy to Tesla Inc. shares, as investors seek a stake in a technology of tomorrow -- valuations be damned.For more articles like this, please visit us at bloomberg.comSubscribe now to stay ahead with the most trusted business news source.©2020 Bloomberg L.P.