Jeff Bezos’ phone hacked after WhatsApp chat with Saudi Crown Prince Mohammed bin Salman
- Report raises questions about how National Enquirer disclosed Bezos’ extramarital affair in reports that relied, in part, on intimate text messages sent by Bezos
- Hack came months before the murder of journalist Jamal Khashoggi, who wrote for the Bezos-owned Washington Post
Saudi Crown Prince Mohammed bin Salman may have been involved in a plot to hack the phone of Amazon’s billionaire boss Jeff Bezos, United Nations experts said on Wednesday.
The UN special rapporteurs, Agnes Callamard and David Kaye, said they had information pointing to the “possible involvement” of the prince in the alleged 2018 cyberattack. Saudi officials have dismissed the allegations as absurd.
Callamard, the special rapporteur for extra-judicial killings, and Kaye, special rapporteur for free expression, said the allegation of Saudi involvement “demands immediate investigation by US and other relevant authorities”.
Cybersecurity experts hired by Bezos, the world’s richest man, concluded his phone was probably infiltrated by a video file sent from a WhatsApp account purportedly belonging to Prince Mohammed in 2018, according to a person familiar with the matter.
They said the device began leaking massive amounts of data about a month afterwards, the source said.
While a message from the prince to Bezos in mid-2018 that preceded the hack appeared benign, investigators found digital evidence suggesting it contained code that ultimately led to the breach of the billionaire’s phone, said one of the people, who asked not to be identified because the probe was not public.
A forensic analysis showed with moderately high confidence that a WhatsApp account used by bin Salman was involved, another person said.
The Guardian reported earlier on Tuesday said an analysis had found that the theft of data from Bezos’ phone in 2018 started with an infected video file sent from bin Salman’s personal account.
The Financial Times, which confirmed elements of the Guardian’s account of the hack, said the analysis was conducted by global business advisory firm FTI Consulting. A representative of the firm declined to comment, saying: “We do not comment on, confirm or deny client engagements or potential engagements.”
Saudis ‘had access’ to Amazon CEO Jeff Bezos’ phone, his security chief claims
The revelation of new details about a security breach that affected the world’s richest man comes about a year after the surprise announcement that Bezos and his wife, MacKenzie, would divorce after 25 years of marriage.
The National Enquirer subsequently disclosed an extramarital affair between Bezos and Lauren Sanchez, a former television anchor, in a series of reports that relied, in part, on intimate text messages sent by Bezos.
Gavin de Becker, a security consultant for Bezos, later said he believed the Saudi Arabian government had accessed Bezos’ phone before the Enquirer exposed the affair. He did not provide any direct evidence to back up his claims, which he said came from “our investigators and several experts”.
Jeff Bezos makes a wild fashion statement with girlfriend Lauren Sanchez in Mumbai
De Becker on Tuesday declined to comment on the Guardian report beyond the lengthy statement last year, which was posted on the news site The Daily Beast.
The Saudi embassy, in a tweet, attacked the reports as “absurd” and called for an investigation “so that we can have all the facts out”.
In an interview with Bloomberg TV, Saudi Finance Minister Mohammed Al-Jadaan referenced the statement made by the Saudi Embassy but declined to comment further.
A spokeswoman for WhatsApp declined to comment.
A United Nations investigation, led by UN Special Rapporteurs Agnes Callamard and David Kaye, was set to be released on Wednesday and was expected to confirm that Bezos’ mobile phone was hacked using a WhatsApp message from bin Salman, the Washington Post reported late on Tuesday.
It was unclear whether the alleged hack of Bezos’ phone accessed any sensitive Amazon corporate information. The company had not commented on the matter in the nine months since de Becker’s accusation. Company representatives on Tuesday did not return messages seeking comment.
“It’s unclear whether his phone had more, privileged access to information from his companies,” said Bastien Bobe, an analyst at cybersecurity firm Lookout. “That would not be in line with security practices and risk mitigation at companies though. But technically it would be feasible for that technology to access the data.”