Report Says Saudi Prince MBS's Whatsapp Account Personally Sent Jeff Bezos Malware Used To Access His Phone

from the 21st-century-espionage dept

Things sure are getting even more bizarre in the world of the rich, famous, and powerful. Saudi Crown Prince Mohammed bin Salman (usually called "MBS") is now being accused of personally being involved in the hacking of Jeff Bezos' phone to get data that was eventually used against him by the National Enquirer. This is a soap opera-level story that involves a bit of background.

You may recall that, approximately a year ago, Jeff Bezos put out quite a Medium post, entitled: No thank you, Mr. Pecker, in which he exposed an attempt by David Pecker's National Enquirer to engage in what sure looks like a blackmail effort to silence Washington Post (which Bezos owns) reporting efforts. The post came about a month after the National Enquirer had released evidence of an affair that Bezos was having, including releasing personal text messages (the National Enqurier release came hours after Bezos himself announced he was getting a divorce from his wife). According to Bezos' blog post, the Enquirer had also threatened to release personal photos of Bezos if he did not call off an investigation he had launched into how the National Enquirer had obtained those text messages.

A little over a month and a half later, the investigator that Bezos had hired, Gavin de Becker, announced that he believed Saudi Arabia was involved in obtaining Bezos's personal data, adding a bit of international intrigue to the whole thing. de Becker argued that the evidence pointed to the Saudis much more than Michael Sanchez, the brother of the woman with whom Bezos was having the affair, who had claimed that he had given the data to the National Enquirer. As de Becker noted, Sanchez seemed to be a fall guy to distract from the possible Saudi connection:

My office quickly identified the person whom the Enquirer had paid as a source: a man named Michael Sanchez, the now-estranged brother of Lauren Sanchez, whom Bezos was dating. What was unusual, very unusual, was how hard AMI people worked to publicly reveal their source’s identity. First through strong hints they gave to me, and later through direct statements, AMI practically pinned a “kick me” sign on Michael Sanchez.

de Becker's investigation pointed out that the National Enquirer had contacted Sanchez first about the affair, suggesting that the attempt to work with him may have been a case of parallel construction, rather than an original source.

Saudi Arabia's potential involved was fascinating -- as the Saudi government, and MBS, have apparently been upset about the Washington Post publishing columns critical of the Saudi government by Jamal Khashoggi -- the journalist who was then killed by Saudi operatives in late 2018, in an operation that many blamed on MBS, and which MBS has eventually taken responsibility for. That murder has brought a lot more critical attention to MBS and his efforts to stomp out criticism.

So now we finally get to the latest news, in which the Guardian first reported that the real way that Bezos' text messages and photos were accessed was because MBS sent Bezos a Whatsapp message that contained the malware payload.

The encrypted message from the number used by Mohammed bin Salman is believed to have included a malicious file that infiltrated the phone of the world’s richest man, according to the results of a digital forensic analysis.

This analysis found it “highly probable” that the intrusion into the phone was triggered by an infected video file sent from the account of the Saudi heir to Bezos, the owner of the Washington Post.

The two men had been having a seemingly friendly WhatsApp exchange when, on 1 May of that year, the unsolicited file was sent, according to sources who spoke to the Guardian on the condition of anonymity.

A related story noted that Bezos and MBS had met a few weeks earlier at a Hollywood dinner organized by filmmaker Brian Grazer and agent Ari Emanuel (what a dinner that must have been) at a time when MBS was trying to ingratiate himself with both the American tech and entertainment industries (efforts that began to run into some issues after the murder of Khashoggi). Bezos and MBS apparently began communicating by Whatsapp after that dinner, and in the midst of the conversation, MBS passed along the link.

The Guardian understands a forensic analysis of Bezos’s phone, and the indications that the “hack” began within an infected file from the crown prince’s account, has been reviewed by Agnès Callamard, the UN special rapporteur who investigates extrajudicial killings. It is understood that it is considered credible enough for investigators to be considering a formal approach to Saudi Arabia to ask for an explanation.

While the Guardian does not share the full report (or even say who wrote it), Vice Motherboard has since obtained the report, and provides even more details:

The report, obtained by Motherboard, indicates that investigators set up a secure lab to examine the phone and its artifacts and spent two days poring over the device but were unable to find any malware on it. Instead, they only found a suspicious video file sent to Bezos on May 1, 2018 that “appears to be an Arabic language promotional film about telecommunications.”

That file shows an image of the Saudi Arabian flag and Swedish flags and arrived with an encrypted downloader. Because the downloader was encrypted this delayed or further prevented “study of the code delivered along with the video.”

Investigators determined the video or downloader were suspicious only because Bezos’ phone subsequently began transmitting large amounts of data. “[W]ithin hours of the encrypted downloader being received, a massive and unauthorized exfiltration of data from Bezos’ phone began, continuing and escalating for months thereafter,” the report states.

The report highlights that this new massive amount of data flow "never returned to baseline" suggesting that the link certainly did something to his phone that started sending all Bezos' data elsewhere. The report includes some fairly fascinating screenshots, including first how Bezos and MBS connected on Whatsapp:

And then there's a screenshot of the random video link that supposedly lead to the infection of Bezos' phone:

The story then gets even crazier, as it alleges that a few months later, MBS sent two more odd texts to Bezos:

The first such text was sent to Bezos from MBS' account on November 8, 2018, and contained a single photograph of a woman resembling Lauren Sanchez, with whom Bezos was having a then-secret personal relationship. For context, this was after the relationship would have been obvious to persons with access to private texts, calls, and images on Bezos' phone, but months before the relationship was known or reported publicly. The photo and the cryptic caption were sent precisely during the period Bezos and his wife were exploring divorce. "Arguing with a woman is like reading the Software License agreement. In the end you have to ignore everything and click I agree." (Memes such as this were available on the Internet, however the content of the text was not typical of any past communication from MBS, making it likely it was sent with reference to Bezos' personal life events at the time.

The second text was also somewhat creepy -- and also somewhat counterproductive. The two hadn't communicated for a while, and yet just a couple days after Bezos was given a briefing about how the Saudis were mounting a big online campaign against him, MBS randomly texted Bezos not to believe everything he's heard:

The second text demonstrates awareness of non-public information that could have been gained via surveillance of Bezos' phone was sent to Bezos from MBS's WhatsApp account, after more than three (3) months of no communication between the parties. On February 14, 2019, Bezos was provided a detailed briefing about the extent of the Saudi online campaign against him. The briefing was provided in two (2) calls on the Bezos' phone. This text evinces an awareness of what Bezos had just been told:

It seems a bit galaxy brain to suddenly pop up with a message like, telling Bezos not to believe all he'd heard about Saudi attempts to hack him, in a manner that basically would confirm that the Saudi's had access to his private conversations. Though, to be fair, it is possible that MBS's message was not in reference to private briefings, but rather in reference to Bezos' own Medium blog post (referenced at the top of this story) which had come out a week earlier, and had mentioned the possibility of Saudi involvement with the National Enquirer. So there is a potentially non-nefarious explanation for this particular text.

However, it does seem that it was this latter text that caused Bezos and de Becker to begin seriously investigating whether or not the Saudis had hacked Bezos' phone, because it was the very next day that de Becker agreed to get Bezos' phone analyzed.

In response to all of this, two UN Special Rapporteurs, Agnes Callamard, UN Special Rapporteur on summary executions and extrajudicial killings, and David Kaye, UN Special Rapporteur on freedom of expression, have put out a call for an investigation into MBS's role in all of this:

"The information we have received suggests the possible involvement of the Crown Prince in surveillance of Mr. Bezos, in an effort to influence, if not silence, The Washington Post's reporting on Saudi Arabia. The allegations reinforce other reporting pointing to a pattern of targeted surveillance of perceived opponents and those of broader strategic importance to the Saudi authorities, including nationals and non-nationals. These allegations are relevant as well to ongoing evaluation of claims about the Crown Prince's involvement in the 2018 murder of Saudi and Washington Post journalist, Jamal Khashoggi.

"The alleged hacking of Mr. Bezos's phone, and those of others, demands immediate investigation by US and other relevant authorities, including investigation of the continuous, multi-year, direct and personal involvement of the Crown Prince in efforts to target perceived opponents.

"This reported surveillance of Mr. Bezos, allegedly through software developed and marketed by a private company and transferred to a government without judicial control of its use, is, if true, a concrete example of the harms that result from the unconstrained marketing, sale and use of spyware. Surveillance through digital means must be subjected to the most rigorous control, including by judicial authorities and national and international export control regimes, to protect against the ease of its abuse. It underscores the pressing need for a moratorium on the global sale and transfer of private surveillance technology.

"The circumstances and timing of the hacking and surveillance of Bezos also strengthen support for further investigation by US and other relevant authorities of the allegations that the Crown Prince ordered, incited, or, at a minimum, was aware of planning for but failed to stop the mission that fatally targeted Mr. Khashoggi in Istanbul.

At a time when Saudi Arabia was supposedly investigating the killing of Mr. Khashoggi, and prosecuting those it deemed responsible, it was clandestinely waging a massive online campaign against Mr. Bezos and Amazon targeting him principally as the owner of The Washington Post."

The whole story is completely crazy -- and feels like a made up Hollywood movie of the kind Grazer might produce -- rather than a true story involving two of the world's richest and most powerful men. Anyway, in the meantime, never click on random videos sent to you by rich autocrats with a history of oppression.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: ari emmanuel, brian grazer, david pecker, gavin de becker, hacking, jeff bezos, malware, mbs, mohammad bin salman, phones
Companies: whatsapp


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Anonymous Coward, 22 Jan 2020 @ 10:58am

    New phone. Who dis autocratic ruler?

    link to this | view in chronology ]

  • identicon
    Baron von Robber, 22 Jan 2020 @ 11:17am

    No bone saws were used in this hacking.....this time.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 22 Jan 2020 @ 1:07pm

      Re:

      A bone saw is inefficient when opening up a phone case.

      What surprises me is that the NSA didn't drop by, and offer a free replacement phone for a simple exchange.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 22 Jan 2020 @ 11:20am

    So we have a story about a man who hoards an obscene and immoral amount of wealth and uses his vast power to oppress and abuse others and accrue even more wealth and power... and a Saudi Prince.

    Idunno, this story has me pretty damn pleased, personally. A rich autocrat with a history of oppression causing problems for a rich plutocrat with a history of oppression is a win in my book.

    link to this | view in chronology ]

    • icon
      Stephen T. Stone (profile), 22 Jan 2020 @ 11:27am

      Do you believe the people who will keep being oppressed by those two rich bastards after this kerfluffle fades from the public consciousness see this as a win?

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 22 Jan 2020 @ 11:38am

        Re:

        All I’m saying is, the way I see it, these days any bad thing happening to some rich asshole is a win, and I’ll take what I can get in this hellworld.

        link to this | view in chronology ]

        • identicon
          Rocky, 22 Jan 2020 @ 12:36pm

          Re: Re:

          Too bad about Khashoggi though, but I guess a person getting killed didn't seem to put a damper on your glee.

          link to this | view in chronology ]

          • icon
            Wendy Cockcroft (profile), 23 Jan 2020 @ 5:36am

            Re: Re: Re:

            People have died at Amazon factories having effectively worked themselves to death. We also have cases of people living in their cars so they can work at Amazon.

            I'm not a mad fan of either man but let's not pretend one is more moral or better than the other. They are both awful people.

            link to this | view in chronology ]

            • identicon
              Rocky, 23 Jan 2020 @ 6:51am

              Re: Re: Re: Re:

              Certainly, but feeling glee about awful people getting their due while at the same time ignoring a collateral death just rubs me the wrong way.

              And regarding the working conditions at Amazon, the core cause is the poor labor laws in the US. It's not like Amazon are alone in taking advantage of laborers but their practice is especially egregious.

              link to this | view in chronology ]

              • icon
                Wendy Cockcroft (profile), 23 Jan 2020 @ 7:40am

                Re: Re: Re: Re: Re:

                That's what happens when you kill off unions. We need them to fight for our rights.

                link to this | view in chronology ]

            • icon
              bhull242 (profile), 26 Jan 2020 @ 6:53pm

              Re: Re: Re: Re:

              Honestly, this brings up an interesting moral question.

              See, as far as I can tell, while both are definitely responsible for a lot of death, and both of them are awful people in general, there is still a difference. MBS actively tries to get people killed, whether it is to silence opposition and dissent or to appease close friends or for revenge for some perceived slight or whatever. By contrast, Bezos isn’t trying to kill people. He just doesn’t really care much about whether his employees die from overwork or poor working conditions or something, at least not as much as making a lot of money and having a lot of work done as quickly and efficiently as possible, even if doing so creates a lot of unnecessary risk and leads to a high death toll.

              So the question is this: which is worse: intentionally killing people without need or unintentionally but knowingly killing people without trying to fix it or actually needing to?

              For the purpose of this question, assume that in both cases the same number of people are killed either way, and it occurs for the same period of time and is ongoing at the same rate for both. Also, assume the same distribution of age, gender, ethnicity, sexual orientation, marital status, income, criminality/innocence, health/disease, etc. among the victims in each scenario. (Basically, assume that all factors are equal other than whether or not the deaths are intentional or desired.)

              Also, remember that choosing one as worse should not necessarily be taken as supporting, endorsing, minimizing, accepting, justifying, liking, sanctioning, enjoying, or defending the other. I think that we can all agree that both cases are awful and unacceptable. And while there are obvious similarities between the two hypotheticals I gave and the real-life Bezos and MBS, I’d prefer if people ignore their personal opinions of Bezos, MBS, Amazon, Saudi Arabia, the Saudi government, tech companies, the US, politics, etc. and focus on the pure hypothetical scenarios I presented and decide solely on that.

              I can see arguments for either side, and I don’t think there is a clear answer here. I’d be very curious about what everyone thinks. The law appears to punish the former more harshly than the latter (at least in most jurisdictions within the US), but as we all know, legality doesn’t equal morality or ethics. So please, feel free to share your thoughts on this.

              I should note that, for the record, regardless of the answer, it doesn’t change my opinion of the allegations in the story, assuming they’re true, and that both Bezos and MBS (as well as the hypothetical people from my question) are truly awful human beings.

              link to this | view in chronology ]

              • icon
                Wendy Cockcroft (profile), 27 Jan 2020 @ 2:49am

                Re: Re: Re: Re: Re:

                So the question is this: which is worse: intentionally killing people without need or unintentionally but knowingly killing people without trying to fix it or actually needing to?

                If you know your policies are killing people but do nothing about it (see UK government - benefits claimants dying of starvation for examples of this happening in practice), you're responsible and it is intentional; you're doing nothing about a situation that you know kills people that you could resolve.

                Now in Bezo's case the kill count is low. Nonetheless if he personally knows about it and does nothing, his casual neglect -- the thing that causes people to die -- is a choice he has made and that is what makes him responsible. It's deliberate when the casual neglect continues despite the evidence that it kills people.

                Bezos would no doubt argue that most of his workers aren't dropping like flies, undiagnosed heart conditions, etc., are in play here, etc. Okay, fine. But his neglect means that the workers are denied the medical coverage that would get them checked out to ensure that any condition is diagnosed.

                Americans really do need Medicare for all; it's not your boss's job to see to your healthcare, it's the government's. Public healthcare provision is as important, if not more so, than the military. There's ALWAYS money for the military however expensive the kit is, so why is there none for healthcare? Enacting this would get Bezos off the hook for the healthcare provision that would catch undiagnosed conditions. Meanwhile, he needs to stop pushing his workers so hard and pay them more.

                link to this | view in chronology ]

  • icon
    Stephen T. Stone (profile), 22 Jan 2020 @ 11:24am

    This story is why the “new world order” conspiracy theory never makes sense to me. How can I possibly believe the idea that the rich and powerful are conspiring to rule the whole world together if Bezos and MBS are trying to trip each other up?

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 22 Jan 2020 @ 11:46am

      Re:

      because thats what they want you to think /s

      link to this | view in chronology ]

      • icon
        Wendy Cockcroft (profile), 23 Jan 2020 @ 5:37am

        Re: Re:

        Good one. The New World Order theory doesn't require people to walk in lockstep, just to agree enough to get stuff done. They all bicker with each other over things like stories decrying murder by bonesaw, etc., but try to run a nation in the interest of its people and see what happens.

        link to this | view in chronology ]

        • identicon
          Anonymous Coward, 23 Jan 2020 @ 6:35am

          Re: Re: Re:

          try to run a nation in the interest of its rich people

          Slaves are not people apparently.

          link to this | view in chronology ]

          • icon
            Wendy Cockcroft (profile), 23 Jan 2020 @ 7:42am

            Re: Re: Re: Re:

            When they try to run a nation in the interests of its rich people they succeed beyond their wildest dreams. It sucks to be the poor people in such countries, though.

            This is happening in the UK right now; they're running it in the interests of people who don't even flippin' well live here! [Seethe]

            link to this | view in chronology ]

  • icon
    jakerome (profile), 22 Jan 2020 @ 11:57am

    Trojan Horse redux

    Is this the first example since Troy of a sovereign leader using a Trojan horse to attack his enemies?

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 22 Jan 2020 @ 12:47pm

    Man I hate rich people. This whole thing amounts to a pissing contest between rich assholes, and what's the body count now?

    link to this | view in chronology ]

  • icon
    Who Cares (profile), 22 Jan 2020 @ 2:02pm

    The world is really unfair.
    You need to be rich and powerful to get scammed by a real prince while I, a mere average Jane/Joe, only get these fake Nigerian princes.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 23 Jan 2020 @ 6:38am

      Re:

      Fight back, become a fake person - lol

      iirc, Joe the plumber was not a licensed plumber

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 22 Jan 2020 @ 3:40pm

    "Whatsapp Account Personally Sent"

    Something went wrong with that headline. Did "the account" or "the person" send the malware? Even SCOTUS have not yet declared that accounts are persons.

    link to this | view in chronology ]

  • icon
    ECA (profile), 23 Jan 2020 @ 12:56pm

    Long contention

    With email that reads HTML and Other Languages to open Automated CRAP, even pulling 3rd party external crap to be on my machine..\
    NEVER EVER, I read TXT format only. Never open that other crap.

    link to this | view in chronology ]

  • identicon
    Dave Mabus, Ghostbuster, 24 Jan 2020 @ 10:38am

    Meh.

    Its all basically hearsay, spread by Gavin “the Chosen Gang Stalker” de Becker (who is also a DHS contractor) and Bezos, trying to compensate for something.

    The only thing thay would make it crazier is if it was actually Swedish intel, or de Becker himself who sent the video link to the Prince first, who then obliged Bezos with Bezos’ spooks own malware, sent by his hired gun in the first place.

    Yup, intel agencies and billionaires with unscrupulous PIs on their payrolls use sex/entrapment/hacking to compromise and control assets *all the time.

    https://www.thedailybeast.com/george-nader-witness-in-mueller-probe-denied-release-on-child-porn-ch arges

    WOW.

    My head hurts thinking about all the angles.

    link to this | view in chronology ]

    • icon
      bhull242 (profile), 26 Jan 2020 @ 6:23pm

      Re:

      Of the claims you make that have any relation to this article (the ones regarding de Becker and Bezos), the article you link to has absolutely nothing remotely related to or supporting those claims. You provide nothing else in their support, either. Thus, each of your claims/speculations about de Becker and/or Bezos are completely unsupported and appear to have no basis in known or proven facts, at least as far as I can tell.

      And I say all this as someone who knows nothing about de Becker and has a pretty low opinion of Bezos. I don’t even know if the story they’re claiming is true or not. It’s entirely possible they’re lying. However, some of your assertions are a bit out there, and you aren’t really supporting them with any evidence.

      As for this assertion:

      Yup, intel agencies and billionaires with unscrupulous PIs on their payrolls use sex/entrapment/hacking to compromise and control assets *all the time.

      Well, first of all, the article has nothing to do with billionaires or PIs at all, as far as I can tell. Nor is there any suggestion in it that anyone at all planted evidence or hacked anyone in relation to anything described in the article. In fact, it sounds like the government, upon learning that a witness was being prevented from traveling to the courthouse due to that witness having been convicted of possession of CP, decided to try to get him over to the courthouse safely in order to accommodate his charges. I’m just not seeing anything suspicious about any aspect of this story, nor do I see any support in it for your claim about intel agencies, billionaires, or PIs hired by rich people.

      And again, I have no real love or trust for intel agencies, billionaires, or PIs in general. I just don’t see any evidence for your claim.

      link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.