Skip to main content

UN calls for investigation into alleged Saudi crown prince involvement in Bezos phone hack

Natasha Turak




GP: Jeff Bezos Blue Origin US-SPACE-BEZOS
Amazon CEO Jeff Bezos announces Blue Moon, a lunar landing vehicle for the Moon, during a Blue Origin event in Washington, DC, May 9, 2019.
Saul Loeb | AFP | Getty Images
DUBAI, United Arab Emirates — UN experts have called for an immediate investigation into the “possible involvement” of Saudi Crown Prince Mohammed bin Salman in the hacking of Amazon CEO Jeff Bezos’ iPhone in 2018.
“The information we have received suggests the possible involvement of the Crown Prince in surveillance of Mr. Bezos, in an effort to influence, if not silence, The Washington Post’s reporting on Saudi Arabia,” UN special rapporteurs said in a statement Wednesday.
“The alleged hacking of Mr. Bezos’s phone, and those of others, demands immediate investigation by U.S. and other relevant authorities, including investigation of the continuous, multi-year, direct and personal involvement of the Crown Prince in efforts to target perceived opponents.”
The statement from UN’s human rights body centers on forensic investigations into the claim by Bezos — one of the world’s wealthiest men and owner of the Washington Post — that the Saudi government orchestrated a cyberattack against him to extract large amounts of data from his phone, including nude photos sent to his mistress.
The UN special rapporteurs, who are appointed by the world body but operate independently, made the statement after reviewing the 2019 forensic analysis carried out by Washington-based business advisory firm FTI Consulting on behalf of the American billionaire. Their statements follow earlier investigations into the killing and dismemberment of Washington Post journalist Jamal Khashoggi.
FTI consulting could not detail the specific spyware used in the attack, but said its experts had “medium to high confidence” that Bezos’ iPhone was hacked by malware coming from a Whatsapp account used by the Saudi crown prince.
“Based upon the results of a full forensic examination of the logical file system of Bezos’s phone, including network analysis, and an in-depth investigation conducted over several months, FTI reports with medium to high confidence that Bezos’s IPhone X was compromised via malware sent from a WhatsApp account used by Saudi Crown Prince Mohammed bin Salman,” the report said, according to an excerpt published by the Financial Times.
Riyadh has consistently rejected the accusations, and the Saudi embassy in Washington on Wednesday called the allegations “absurd.”
Bezos, through his security consultant Gavin de Becker, has flatly accused the Saudi government of wanting to do him harm. De Becker in March of 2019 alleged that the Saudis had “access to Bezos’s phone, and gained private information” and that the government was “intent on harming Jeff Bezos since . . . the Post began its relentless coverage” of the brutal murder in October 2018 of Khashoggi, a Saudi journalist critical of the kingdom’s monarchy. Khashoggi was a contributing writer for the Post with U.S. residency.
Riyadh said the killing was the result of a “rogue operation” that did not involve the crown prince, contradicting the CIA’s reported conclusion from late 2018 that implicated Bin Salman as being involved.

The hack: how experts believe it happened

According to the 2019 forensic analysis by FTI Consulting, Bezos’ phone was likely “infiltrated on 1 May 2018 via an MP4 video file sent from a WhatsApp account utilized personally by Mohammed bin Salman,” the UN statement read.
Bezos and the crown prince had exchanged numbers the month prior. Within hours of the video being sent from the crown prince’s account, “massive and (for Bezos’ phone) unprecedented exfiltration of data from the phone began” — the volume of data being transited to another location suddenly shot up by nearly 30,000% to 126 MB.
“Data spiking then continued undetected over some months and at rates as much as 106,032,045% (4.6 GB) higher than the pre-video data egress baseline for Mr. Bezos’ phone of 430KB,” the statement said.
The analysis pointed to a spyware product previously identified in other cases of Saudi surveillance, saying the intrusion was “likely undertaken” by a product like the Pegasus-3 malware created by Israeli-based NSO Group. Pegasus has been widely reported as having been purchased by Saudi officials, Saud al Qahtani, prince Mohammed’s former advisor who was implicated in the Khashoggi murder but ultimately not charged by the Saudi authorities.
“This would be consistent with other information,” the UN special rapporteurs wrote. “For instance, the use of WhatsApp as a platform to enable installation of Pegasus onto devices has been well-documented and is the subject of a lawsuit by Facebook/WhatsApp against NSO Group.”
NSO responded in a statement posted to its website Wednesday, saying “NSO is shocked and appalled by the story that has been published with respect to alleged hacking of the phone of Mr. Jeff Bezos,” and calling for a “full investigation” if the story is true.
“Just as we stated when these stories first surfaced months ago, we can say unequivocally that our technology was not used in this instance,” the company said.

Comments

Popular posts from this blog

Analysis | The Cybersecurity 202: How the shutdown could make it harder for the government to retain cybersecurity talent

By Joseph Marks 13-17 minutes THE KEY President Trump delivers an address about border security amid a partial government shutdown on Jan. 8. (Carolyn Kaster/AP) The partial government shutdown that's now in its 18th day is putting key cyber policy priorities on hold and leaving vital operations to a bare bones staff. But the far greater long-term danger may be the blow to government cyber defenders' morale, former officials warn. With the prospect of better pay and greater job security in the private sector, more government cyber operators are likely to decamp to industry, those former officials tell me, and the smartest cybersecurity graduates will look to industry rather than government to hone their skills. That’s especially dangerous, they say, considering the government’s struggle to recruit and retain skilled workers amid a nationwide shortage of cybersecurity talent. About 20 percent of staffers are furloughed at the De

9 High-Octane Stocks Poised to Rise Higher I Investopedia

investopedia.com 9 High-Octane Stocks Poised to Rise Higher Shoshanna Delventhal Investors seeking dramatically above-average returns in growth stocks might look at companies including Logitech International ( LOGI ), Redfin ( RDFN ), Dunkin' Brands Group ( DNKN ), Paycom Software ( PAYC ), Bio-Techne ( TECH ), Expedia Group Inc. ( EXPE ), J2 Global ( JCOM ), Cars.com  ( CARS ) and Wix.com  ( WIX ), all of them picks of the outperforming Jackson Square SMID-Cap Growth fund, as outlined in a recent Barron's story . The $509 million fund, which is the leader in its mid-cap growth category on Morningstar, has dramatically beaten the market by posting an average 16% return over the last decade. Over the past year, the fund's 28% return has beaten 94% of its peers. (For more, see also: Best Performing S&P 500 Stocks So Far in 2018 . ) “I like to sit back and think—about w