Explainer: How Jeff Bezos' iPhone was hacked, allegedly by Saudi Crown Prince

Was Pegasus malware involved in the data extraction?

MBS-Jeff-Bezos-Reuters File photos of crown prince Mohammed bin Salman and Amazon CEO Jeff Bezos | Reuters

In May 2018, Amazon boss Jeff Bezos received a message on his iPhone X from Saudi Crown Prince Mohammed bin Salman. The two had exchanged numbers a month back, and this one had a video attachment. According to a WIRED report, they were never in regular contact. Two UN experts have now said Bezos's phone may have been hacked by the infected file. Analysis reportedly found that within hours of receiving the file, there was an "unprecedented exfiltration" of 126 MB of data from Bezos's phone. This continued undetected over a period of "some months" with rates of as much as 4.6 GB higher than the baseline. The forensic analysis cited by the UN experts showed that the Crown Prince, Saudi Arabia's de facto ruler, sent WhatsApp messages to Bezos in November 2018 and February 2019 in which he revealed information about Bezos's personal life not available from public sources. The analysis also suggested that the hackers may have used a type of spyware used in other Saudi surveillance cases, such as the NSO Group's Pegasus-3 malware.

The mobile surveillance tool Pegasus, named after the Greek mythological winged horse, reached global ignominy when it came to light that the malware was used to keep track of activists and political leaders across the globe. It can collect vast amounts of previously inaccessible data—including phone calls, texts, emails, contacts, location and any data transmitted over apps like Facebook, WhatsApp and Skype—from smartphones without leaving a trace.

Pegasus infects individuals’ phones by sending them text messages that tempt them to click an attached link. If the target clicks on the link, the company gains full control over the phone, including its contents and history, and the ability to activate its microphone and camera at will. 

How did this come to light?

Bezos owns The Washington Post, which employed as a contributing columnist Jamal Khashoggi, a Saudi journalist murdered in October 2018 at Riyadh's consulate in Istanbul. The newspaper had spoken out strongly against the Saudi regime on the murder. 

In 2019, Bezos's personal life was thrust into the spotlight with the announcement in January 2019 that he and his wife were divorcing after 25 years of marriage, and the revelation by the National Enquirer that he had been having an affair with a former news anchor Lauren Sanchez.

The Enquirer had accessed his text messages. In February, Bezos accused the tabloid's publisher American Media Inc—led by David Pecker, who has been described as a close friend of Bezos critic President Donald Trump—of trying to blackmail him over lurid photos.

Bezos had hinted he may have been targeted by pro-Trump forces in part because of coverage by The Washington Post, which he owns, of the murder of its contributor Jamal Khashoggi, strangled and dismembered by Saudi agents in the kingdom's Istanbul consulate in October.

Bezos, the world's richest man, and his wife MacKenzie finalised their divorce in July 2019 to the tune of a $38-billion (34-billion-euro) settlement, according to Bloomberg News. Following the scandal, Bezos hired Gavin de Becker & Associates, a security firm, to find out how his intimate text messages and photos made their way into the hands of the National Enquirer.

In March last year de Becker said he had concluded that Saudi Arabian authorities hacked the Amazon chief's phone to access his personal data. But de Becker did not specify which part of the Saudi government he was blaming for the hack, and gave few details about how he had concluded that the kingdom was responsible. 

Claims and counter-claims

The Saudi Arabian embassy vehemently denied all allegations. "Recent media reports that suggest the Kingdom is behind a hacking of Mr Jeff Bezos' phone are absurd," the Saudi Arabian embassy said on its Twitter account.

But, independent UN rights experts called for an investigation on the claims. "The alleged hacking of Mr Bezos's phone, and those of others, demands immediate investigation by US and other relevant authorities," UN Special Rapporteurs Agnes Callamard and David Kaye said in a statement in Geneva. Any investigation into the alleged incident in May 2018 should also look at the "continuous, multi-year, direct and personal involvement of the Crown Prince in efforts to target perceived opponents", they added.

Callamard, the UN expert on summary executions and extrajudicial killings, and Kaye, the expert on freedom of expression, said they were "gravely concerned". "The information we have received suggests the possible involvement of the Crown Prince in surveillance of Bezos, in an effort to influence, if not silence, The Washington Post's reporting on Saudi Arabia," they wrote.

"We call for an investigation on these claims so that we can have all the facts out." The UN special rapporteurs said the circumstances and timing of the hacking also gave grounds for further investigation into "allegations that the Crown Prince ordered, incited, or, at a minimum, was aware of planning for" the operation to kill Khashoggi.

Callamard last year led an independent probe that found "credible evidence" linking the crown prince to Khashoggi's killing—a charge the kingdom vehemently denies.

-Inputs from AFP via PTI