Jeff Bezos’ Smartphone Hacked After WhatsApp Message from Saudi Crown Prince

In May 2018, the smartphone of Amazon CEO and owner of The Washington Post, Jeff Bezos—one of the world’s richest people—was hacked. The incident led to a major scandal, during which the tabloid National Enquirer attempted to blackmail Bezos by threatening to publish personal messages and intimate photos obtained from his phone. At the time, Bezos was still married to his wife MacKenzie, with whom he had spent 25 years, and had not yet made his relationship with former TV host Lauren Sanchez public. In short, it was an unpleasant situation.

According to reports from The Guardian and Financial Times, the hack was directly linked to a WhatsApp message Bezos received on May 1, 2018, from Saudi Arabia’s Crown Prince Mohammed bin Salman. The two had met in person shortly before and exchanged contact information.

How the Hack Happened

Media outlets cite a forensic report by FTI Consulting (the document was published by Vice Motherboard). Investigators concluded that a video message (apparently a promotional film about telecommunications in Arabic) sent to Bezos by the Crown Prince exploited a vulnerability in WhatsApp. The bug allowed malware to be downloaded and installed on Bezos’ personal iPhone. This malicious software stole a massive amount of data from the Amazon CEO’s device.

“The volume of data transmitted from Bezos’ phone changed dramatically after receiving the WhatsApp video file and never returned to previous levels. After the encrypted downloader was executed from Mohammed bin Salman’s account, outgoing traffic from the device spiked by about 29,000%,” the FTI Consulting report states. “For six months prior to receiving the video, Bezos’ phone averaged 430 KB of outgoing traffic per day, which is typical for an iPhone. Within hours of receiving the WhatsApp video, outgoing traffic jumped to 126 MB. For months afterward, the phone maintained an unusually high level of traffic (averaging 101 MB), with multiple, highly atypical spikes in outgoing data.”

Who Was Behind the Attack?

The report’s authors believe the malware used in the hack was purchased from third-party developers by Saud al-Qahtani, a close friend and advisor to Crown Prince Mohammed bin Salman. According to media reports, al-Qahtani had previously acquired hacking tools from companies like the notorious Hacking Team.

The FTI Consulting investigation, first published by The Guardian, has faced criticism from cybersecurity experts. Journalists speculated that the tool used might have been created by the Israeli company NSO Group, known for offensive hacking tools. However, the forensic report does not state that NSO Group’s tool was used; it only notes that NSO Group’s products are capable of stealing data in the same way. The report mentions malware like Pegasus from NSO Group and Galileo from Hacking Team as examples.

Despite this, the FTI Consulting report has raised many questions and skepticism among experts. For example, Vladimir Katalov, head of Elcomsoft, told Vice Motherboard that the experts who studied the attack “did not seem sufficiently qualified.”

Why Target Jeff Bezos?

Why would the Saudi Crown Prince want to hack Jeff Bezos’ phone? The attack may be linked to Bezos’ ownership of The Washington Post since 2013. The newspaper was home to prominent Saudi journalist, columnist, and writer Jamal Khashoggi, a well-known critic of the U.S., Saudi authorities, and Mohammed bin Salman in particular. Khashoggi was murdered in the Saudi consulate in Istanbul in the fall of 2018. After the killing, the Crown Prince acknowledged responsibility for the incident but claimed he was unaware of the details.

Many media outlets and experts now believe that Saudi Arabia launched a campaign to discredit Jeff Bezos. For example, ZDNet journalists have compiled a detailed timeline of recent events involving Saudi Arabia, Jeff Bezos, and the Khashoggi murder.

Official Responses and International Reaction

The Saudi Arabian embassy in Washington has officially denied any involvement in the hacking of Jeff Bezos’ phone, calling the allegations absurd.

Meanwhile, members of the United Nations Working Group on Human Rights have called on the U.S. to immediately and thoroughly investigate the attack on Jeff Bezos’ smartphone. UN experts also believe the hack was part of a coordinated Saudi campaign against Bezos, triggered by critical coverage of events in the country.