In May 2018, the smartphone of the head of Amazon and the owner of The Washington Post, one of the richest people on the planet, Jeff Bezos, was hacked. Then everything ended with a scandal, during which Bezos tried to blackmail the National Enquirer tabloid, threatening to publish personal messages and intimate photos received from his phone. Then the head of Amazon had not yet divorced his wife Mackenzie, with whom he had been married for 25 years, and had not yet advertised his romance with former television presenter 49-year-old Lauren Sanchez. In a word, the situation turned out to be unpleasant.
As publications have now reported The guardian and Financial times, the hack was directly related to the message that Bezos received on May 1, 2018 on WhatsApp from the Crown Prince of Saudi Arabia, Mohammed Ibn Salman, whom he had recently met in person and exchanged contacts.
Media refers to a report compiled by forensic scientists at FTI Consulting (a document has already been published by Vice motherboard) They came to the conclusion that the video message (the same video can be seen below, it seems that this is an Arab telecommunications advertising film), received by the head of Amazon from the crown prince, exploited a vulnerability in the WhatsApp messenger, using a bug to download and install malvari on a personal iPhone Bezos. This malware stole a huge amount of data from the device of the head of Amazon.
– عـبدالله الخريّف (@ AbdullahK5) November 20, 2017
“The amount of data transmitted from the Bezos phone has changed dramatically after receiving the video file in WhatsApp and has not returned to its original level. After executing the encrypted bootloader sent from the account of Muhammad ibn Salman, outgoing traffic from the device jumped by about 29,000%, the FTI Consulting report reads. – Forensic artifacts show that six months before receiving video via WhatsApp, an average Bezos phone generated 430 Kb of outgoing traffic per day, which is quite typical for the iPhone. A few hours after receiving the video on WhatsApp, outgoing traffic increased to 126 Mb. For many months, the phone has maintained an unusually high level of traffic (an average of 101 MB), demonstrating multiple and extremely atypical bursts of outgoing data. ”
The authors of the report believe that the malware used for hacking was purchased from third-party developers by a close friend and adviser to the Crown Prince of Saudi Arabia, Mohammed Ibn Salman, Saud Al-Kakhtani. Earlier, according to media reports, he repeatedly bought hacker tools from companies such as the notorious Hacking Team.
The results of the FTI Consulting investigation, first published by The Guardian, were criticized by information security experts, as journalists suggested that the tool used could be created by the Israeli company NSO Group, a well-known developer of offensive hacker tools. However, the forensic report does not say that the NSO Group tool was used for hacking, experts only note that the Israeli company’s tools can also steal data, as happened on Bezos’s device. So, researchers cite as examples the Pegasus malware from the NSO Group and Galileo from the Hacking Team.
However, the FTI Consulting report still raises a lot of questions and skepticism among specialists. For example, the head of Elcomsoft, Vladimir Katalov, told reporters Vice motherboardthat the experts who studied the attack didn’t seem to be “qualified enough.”
Why did the Crown Prince of Saudi Arabia even need to hack Jeff Bezos's phone? Probably, the attack may be due to the fact that Bezos has owned the Washington Post since 2013. The fact is that it was in this publication that a well-known journalist, columnist and writer from Saudi Arabia Jamal Khashoggi, a well-known and ardent critic of the US authorities, Saudi Arabia in general and Muhammad ibn Salman in particular, was actively publishing. Haggoshi was killed in the fall of 2018 at the Saudi consulate in Istanbul. After the assassination, the Crown Prince of Saudi Arabia admitted his responsibility for the incident with the murder of a journalist, but said that he was not aware of what was happening.
Now many media and experts believe that Saudi Arabia has intentionally launched a campaign to tarnish the reputation of Jeff Bezos. For example, ZDNet reporters prepared detailed chronology of events recent years related to the actions of Saudi Arabia, Jeff Bezos and the killing of Khashoggi.
Note that the Saudi Embassy in Washington is already officially rejected assumptions that the kingdom had anything to do with hacking the phone owner Jeff Bezos. Diplomats called the allegations absurd.
In turn, members of the UN Human Rights Working Group are already made an appeal to the United States immediately and thoroughly investigate the attack on Jeff Bezos’s smartphone. UN experts also believe that the hacking was part of a coordinated campaign by Saudi Arabia against Bezos, caused by critical coverage of events in the country.