Jeff Bezos’ Phone Hacked By Saudi Crown Prince – Expert Comments

The Amazon billionaire Jeff Bezos had his mobile phone “hacked” in 2018 after receiving a WhatsApp message that had apparently been sent from the personal account of the crown prince of Saudi Arabia, as reported by the Guardian. The encrypted message from the number used by Mohammed bin Salman is believed to have included a malicious file that infiltrated the phone of the world’s richest man, according to the results of a digital forensic analysis.


EXPERTS COMMENTS
Jarno Niemelä, Principal Researcher ,  F-Secure
January 23, 2020
In the case of Jeff Bezos there is no public indication of OS level root exploits being used.
This is not the first zero-day attack to hit WhatsApp - and it probably won’t be the last. Other messaging applications, like Signal, have a better security history. However, the truth is it’s impossible to use any of these services without some degree of risk. As a high value target, Jeff Bezos is more at risk of an attack than your average Joe. These individuals need the protection of a ....
[Read More >>]
Rosa Smothers, SVP of Cyber Operations,  KnowBe4
January 23, 2020
Hacking humans is often easier and takes less time than a straight forward network approach.
The reporting indicates that Mr. Bezos was in a WhatsApp chat with KSA's Mohammed bin Salman when -- unprompted -- the Prince sent him a video file. The file apparently contained malware which hacked Bezos' phone. The motive is clear: Jeff Bezos owns the Washington Post, which had reported extensively about the October 2018 murder by the Kingdom of the Post's journalist Jamal Khashogi. A text chat ....
[Read More >>]
Jake Moore, Cybersecurity Specialist,  ESET
January 23, 2020
Groups such as the NSO are very capable of carrying out vulnerability checks on operating systems.
This has all the hallmarks of the Pegasus spyware, which is a very sophisticated malware. When run on a device you will likely have no idea of what has just happened. Engineering a file to look like a photo or video that has come from a contact is the perfect way of executing the malware, so no doubt Bezos was unaware what had just occurred. This particular spyware is used on highly targeted in ....
[Read More >>]
Roger Grimes, Data-driven Defence Evangelist ,  KnowBe4
January 23, 2020
They can give us the necessary details without revealing confidential data.
I can’t speak to the absolute particulars of the incident. It does seem strange that the Saudi Crown Prince would knowingly be involved using his own account. It seems too immediately traceable. I don’t know for sure what happened, but entities breaking into other entities to hack someone else is fairly normal these days. It’s new to hear that it happened on WhatsApp and that a video file wa ....
[Read More >>]
Eoin Keary, CEO and Cofounder,  Edgescan
January 23, 2020
oram Golandsky is the VP of technologies and Infosec at the NSO group.
NSO develop spyware and malicious payloads for sale to the highest bidder. They sell to many nation states which have questionable human rights records and oppressive regimes. They are known for their Pegasus spyware, designed to deliver remote surveillance via infection of personal devices. Such software is used by nation states to undermine and monitor activists, journalists, free speech advocat ....
[Read More >>]
Craig Young, , Principal Security Researcher ,  Tripwire
January 23, 2020
It is entirely possible that Bezos phone was compromised by simply receiving the message with a crafted file.
Based on the publicly available details, the attack most likely exploited WhatsApp CVE-2019-11931 using tools provided by NSO Group. This is a stack-based buffer overflow which would be triggered when WhatsApp parses crafted elementary stream metadata from a received MP4 file. It is unclear based on the limited details from Facebook’s security advisory, whether the vulnerability is triggered by ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article