Pawan Web World

Best Services At Best Price

Jeff Bezos phone hacked via WhatsApp: UN calls for investigation, NSO Group denies charge


Written by Shruti Dhapola
| New Delhi |

Updated: January 23, 2020 10:47:42 am

Jeff Bezos, Bezos phone hacked, Jeff Bezos phone WhatsApp hack, Mohammad Bin Salman, MBS, Who is MBS, Mohammad Bin Salman Bezos hacking, Lauren Sanchez, Jeff Bezos girlfriend In this file photo from 2017, Jeff Bezos attends the premiere of “The Post” at The Newseum in Washington. United Nations experts have called for “immediate investigation” by the United States into information they received that suggests that Jeff Bezos’ phone was hacked after receiving a file sent from Saudi Crown Prince Mohammed bin Salman’s WhatsApp account. (Image source: AP)

The forensic details of Amazon CEO and founder Jeff Bezos’ phone hacking from 2018 has been made public as part of a report by the United Nations. The UN human rights experts have confirmed what was earlier reported and suspected, that Bezos’ iPhone was compromised via a WhatsApp video file, sent from the account of Crown Prince of Saudi Arabia Prince Mohammad Bin Salman. The use of NSO Group’s Pegasus-3 is most likely in this case, a charge than the Israeli cyber-security firm has denied.

Bezos’ phone was examined by cyber-security experts at the FTI Consulting who had conducted a forensic analysis of the phone. Details of the FTI report have been published by Motherboard.

The Guardian has first reported on the issue yesterday, though the Saudi link was suspected back in 2019 by Bezos’ security team.  According to the UN human rights experts, the incident is being seen as a serious “contravention of fundamental international human rights standards,” and there are calls for a full fledged investigation into the issue.

Jeff Bezos, Bezos phone hacked, Jeff Bezos phone WhatsApp hack, Mohammad Bin Salman, MBS, Who is MBS, Mohammad Bin Salman Bezos hacking, Lauren Sanchez, Jeff Bezos girlfriend A 2019 file photo of Saudi Arabia’s Crown Prince Mohammed bin Salman talking to Russian President Vladimir Putin during the talks in Riyadh, Saudi Arabia. The Crown Prince’s WhatsApp account was used to target Bezos. (Image source: AP)

The report also acknowledges that the surveillance were part of the Crown Prince’s efforts to silence The Washington Post‘s reporting on Saudi Arabia, which has been critical of Prince Salman in particular. Bezos also owns The Washington Post. 

“The alleged hacking of Mr Bezos’s phone, and those of others, demands immediate investigation by US and other relevant authorities, including investigation of the continuous, multi-year, direct and personal involvement of the Crown Prince in efforts to target perceived opponents. This reported surveillance of Mr. Bezos, allegedly through software developed and marketed by a private company and transferred to a government without judicial control of its use, is, if true, a concrete example of the harms that result from the unconstrained marketing, sale and use of spyware,” the independent UN experts said in a statement. 

The WhatsApp video

According to Motherboard, initial analysis of the phone did not confirm any malware. However, a video that was sent by the Saudi Crown Prince was seen as suspicious file. This video looked like an Arabic language promotional film about telecommunications with the flags of Saudi Arabia and Sweden on top.

Jeff Bezos, Bezos phone hacked, Jeff Bezos phone WhatsApp hack, Mohammad Bin Salman, MBS, Who is MBS, Mohammad Bin Salman Bezos hacking, Lauren Sanchez, Jeff Bezos girlfriend Jeff Bezos, president and CEO of Amazon and owner of The Washington Post, speaks at the Economic Club of Washington DC’s “Milestone Celebration Dinner” in Washington, US. September 13, 2018. (Image source: Reuters)

Forensic analysis confirms WhatsApp video link

The forensic analysis report gives out exact details on how Bezos’ phone was hacked. While initial technical analysis did not confirm the malware, later analysis showed that the video file indeed carried malware. This was because the video downloader was encrypted and could not be decrypted.

But it was clear that once Bezos received the video on his iPhone, the phone started behaving abnormally with a 29,156 per cent jump in data egress or data transfer from the device, according to the UN report. Over the months, the data spike rate was at rates of nearly “106,031,045 per cent higher than the pre-video data egress base line,” or around 4.6GB of data, notes the report.

The spyware stolen gigabytes worth of information from Bezos’ phone over the months, including his private messages and photos to his girlfriend Lauren Sanchez.  These messages were later published by The National Enquirer, an American tabloid owned by the American Media Inc, (AMI) in January 2019.

Explained: All the links in Amazon founder Jeff Bezos’ phone hacking

Bezos later put out a blog post in February 2019 detailing how AMI’s CEO David Pecker was trying to blackmail him and claimed to have accessed more of his personal photos, including nudes, which they were threatening to publish. AMI wanted The Washington Post to back down from its coverage of the National Enquirer and its links to the Saudi regime.

According to the experts, the forensic analysis showed that the spyware most likely used was like the NSO Group’s Pegasus-3 malware, which has been purchased and deployed by Saudi officials in other cases as well. Previously, Amnesty international had pointed out how two of its Saudi Arabia workers were targeted with NSO’s Pegasus.

The report’s timeline also makes it clear that Facebook had itself acknowledged in November 2019 that WhatsApp could be used exploit a user’s phone via a malicious MP4 file, as it has happened in the case of Bezos.

Jeff Bezos, Bezos phone hacked, Jeff Bezos phone WhatsApp hack, Mohammad Bin Salman, MBS, Who is MBS, Mohammad Bin Salman Bezos hacking, Lauren Sanchez, Jeff Bezos girlfriend Jeff Bezos, founder of Amazon, and his girlfriend TV presenter Lauren Sanchez arrive at a company event in Mumbai, India, January 16, 2020.) (Image source: Reuters)

MBS taunted Bezos with offensive meme about his girlfriend

The UN report also lists out a timeline of events, which points out that Bezos attended a dinner with the Crown Prince on April 4, 2018 during the course of which they exchanged phone numbers for their WhatsApp accounts.

The malicious message was sent to Bezos on May 1, 2018. On November 8, 2018, the Crown Prince appeared to taunt Bezos as he texted him on a photo with an offensive caption on WhatsApp. The photo resembled Lauren Sanchez, Bezos’ current girlfriend, though the affair was not yet public. The caption read, ” “Arguing with a woman is like reading the Software License Agreement. In the end you have to ignore everything and click I agree.”

NSO Group’s response

NSO Group has denied the use of Pegasus to hack into Bezos’ phone, a denial they issued earlier as well. In a statement post on their website, the company said they were “shocked and appalled by the story that has been published with respect to alleged hacking of the phone of Mr. Jeff Bezos.”

Further, the statement adds that “if this story is true, then it deserves a full investigation by all bodies providing such services to assure that their systems have not been used in this abuse.”  According to them such abuse of surveillance system will “blacken the eye of the cyber intelligence community and put a strain on the ability to use legitimate tools to fight serious crime and terror.”

Jeff Bezos, Bezos phone hacked, Jeff Bezos phone WhatsApp hack, Mohammad Bin Salman, MBS, Who is MBS, Mohammad Bin Salman Bezos hacking, Lauren Sanchez, Jeff Bezos girlfriend A file photo of the NSO Group’ logo is shown on a building where they had offices in Herzliya, Israel. (Image source: AP)

NSO has always insisted that their software is only to be used to track criminals and terrorists. The statement adds, “These type of stories highlight the need for the surveillance community to follow our lead and implement strict Human Rights Policies and to act in a compliant manner.”

The group also said they are willing to engage with the UN, Bezos and any other body to “fully understand these issues and to set guidelines and capabilities to assure the protection of human rights in the sale and use of surveillance equipment.”

The WhatsApp vulnerability

In November 2019, Facebook had confirmed vulnerability CVE-2019-11931, which said that a specially crafted MP4 file sent to a WhatsApp user could be used to trigger a stack-based buffer overflow. This stack-based overflow vulnerability is used by attackers to gain access to a computer or in this case the smartphone. Facebook acknowledge that it could result in Denial of Service (DoS) or a Remote Code Execution (RCE) attack.

The RCE attack allows hackers to run malicious code on the device to access and make changes on the infected device or computer. The attack is able to gain full control over the device thanks to this kind of attack.

Facebook had said that the issue impacted Android versions prior to 2.19.274, iOS versions prior to 2.19.100, Enterprise Client versions prior to 2.25.3, Windows Phone versions before and including 2.18.368, Business for Android versions prior to 2.19.104, and Business for iOS versions prior to 2.19.100. It had asked users to update their apps in order to make sure they were not impacted by the vulnerability.   In a statement, WhatsApp had also said there was no reason to believe users were impacted, but the Bezos incident shows this was clearly not true.

For all the latest Technology News, download Indian Express App

© IE Online Media Services Pvt Ltd

Updated: January 23, 2020 — 5:47 am

Leave a Reply

Your email address will not be published. Required fields are marked *

Pawan Web World © 2020 Happy Ramadan Greetings