Update (23/01/2020): An NSO Group spokesperson said in an email statement to TNW that the company’s technology was not used in this particular instance:
As we stated unequivocally in April 2019 to the same false assertion, our technology was not used in this instance. We know this because of how our software works and our technology cannot be used on US phone numbers. Our products are only used to investigate terror and serious crime.
Last night, The Guardian and Financial Times published reports saying it’s “highly probable” that Saudi Arabia’s crown prince, Mohammed bin Salman (aka MBS), played a key role in hacking Amazon co-founder Jeff Bezos’ phone in 2018. The hack shows how easy it is to get control of a top executive’s data. But we’ll get to that later; let’s first look at the history and methodology behind the hack.
An encrypted video file sent by the prince to Bezos on WhatsApp allowed the phone to be hacked. Experts at FTI Consulting, a business advisory firm that led the forensic investigation of the Amazon chief’s phone, said that hours after the file was sent, “a massive and unauthorized exfiltration of data from Bezos’s phone began, continuing and escalating for months.”
Bezos and bin Salman met at a dinner in Los Angeles in 2018, and exchanged numbers. Soon after that, they had a falling out as Saudi Arabia murdered veteran journalist Jamal Khashoggi, who also used to write for the Bezos-owned Washington Post.
Last year, the National Enquirer, an American tabloid, published intimate details of Bezos’ extramarital affair through a dump of data from the executive’s phone. Later, Bezos’ head of security, Gavin de Becker, wrote a column in the Daily Beast alleging that the Saudis had access to the Amazon co-founder’s phone and data.
There’s no confirmation as of now, but it’s highly likely that the Saudis used the notorious Pegasus software, created by the Israel-based NSO Group, or Hacking Team’s Galileo to get the data from Bezos’ phone.
7. Yes it was Pegasus, the cyberweapon made by Israeli company NSO
8. You think you're safe if you use Signal with disappearing messages? Think again
9. Between May and October 2018, the Saudis also hacked many others. All were about free speech, not business.
— İyad el-Baghdadi | إياد البغدادي (@iyad_elbaghdadi) January 21, 2020
Last year, WhatsApp sued NSO Group for snooping on over 1,400 individuals, including journalists and activists across the world, using its Pegasus software. While the Israel-based company denied the allegations, various investigations, including Khashoggi’s murder case, found that victims had the software inserted in their phones through various means.
As I said earlier, this goes to show how easy it is to target even top-level people, and that they need to improve their security practices. Bezos’ phone was hacked and he had to endure personal and financial loss as he kept his individual and business data on the same phone. In 2017, it was reported that US President Donald Trump used a five-year-old Samsung phone with outdated software.
Last year, CNN reported that Trump continued using a personal phone despite several warnings from security officials. In 2016, it was found that Mark Zuckerberg used ‘dadada’ as his password on several social networks.
The security community on Twitter suggested that Bezos should’ve used a burner phone to chat with the Saudis, and kept a separate phone to store personal data. Not a bad idea at all.