6 big things we still don't know in the bombshell report of how Jeff Bezos' phone was hacked by Saudi Crown Prince Mohammed bin Salman
- On Tuesday, the Guardian reported an international investigation had concluded that Amazon CEO Jeff Bezos' phone was hacked via a link in a May 2018 WhatsApp message from Saudi Arabia's crown prince Mohammed bin Salman (known as MBS in the West).
- Cybersecurity experts hired by Jeff Bezos to investigate the leaks after details of an affair were leaked to the media also reported similar findings, the Financial Times reported.
- The hacking fills in a missing chunk in a timeline that links the murder of journalist Jamal Khashoggi, who wrote for the Bezos-owned Washington Post, and Jeff Bezos himself, who announced in January 2019 that he was getting divorced.
- But many issues still remain unresolved.
- Visit Business Insider's homepage for more stories.
The Guardian published a bombshell report on Tuesday: That Amazon CEO Jeff Bezos' phone was hacked by Saudi Crown Prince Mohammed bin Salman.
According to the report, a WhatsApp message that Bezos received from bin Salman's phone number in May 2019 is believed to have included a "malicious file" that compromised the Amazon CEO's phone. Bezos and the crown prince had previously exchanged a few friendly messages on WhatsApp, according to the report. But within hours of receiving a video file in May, Bezos' phone began to surreptitiously transmit large amounts of data.
Months later, Saudi Arabia was accused of the brutal murder of Jamal Khashoggi, a high-profile Saudi critic and columnist for the Washington Post, which is owned by Bezos.
And in January 2019, Bezos' affair with TV anchor Lauren Sanchez was reported by the National Enquirer, and intimate selfies and text messages that Bezos had sent Sanchez were leaked.
The report of the hacking by the Saudi Kingdom's crown prince would seem to fill in a lot of the missing pieces to this puzzle of intrigue and deception. But there are still a lot of things we don't know. Here are some of the top unanswered questions:
What data from Bezos' phone was accessed in the hack?
The nature of the data taken from Bezos' phone remains unknown to the UN investigators looking into the hacking, according to the Guardian's report. A subsequent report from the Financial Times citing sources from Bezos's own investigation into the matter suggests that the breach was substantial, allowing hackers to access "dozens of gigabytes."
Is Saudi Arabia behind the leaks of Bezos' intimate selfies to his lover?
Whether the Amazon CEO's private photos and texts were leaked to the National Enquirer from the Saudi Arabian government has yet to be determined by international investigators, the Guardian reported.
But there have been speculations that a foreign government was involved in the leaks. A Medium post published by Jeff Bezos in February 2019 accused the National Enquirer's parent company AMI and AMI CEO David Pecker of "extortion and blackmail," unless he stopped referring to the leaks as politically motivated. Bezos also hinted at ties between the media organization and the Saudi Arabian government. And Amazon security consultant Gavin de Becker penned a personal account in the Daily Beast that concluded that the Saudi government had hacked Bezos' phone and gained access to his private information well before the Enquirer story was released.
What was in the video file that MBS sent Bezos?
Likely some sort of malware, but we don't know for sure yet. The Guardian reported that a digital forensics analysis found it "highly probable" that Bezos' phone was breached after he clicked on an "infected" video file sent to him from MBS' WhatsApp account. However, we don't know what exactly the file was infected with - and therefore, what type of information it might have been capable of accessing.
Did bin Salman himself send the compromising text?
It's unclear. While The Guardian's report said the video was sent from bin Salman's personal WhatsApp account, that doesn't definitely prove that the crown prince himself sent the video. Bin Salman could have authorized someone else to send the video on his behalf. Alternatively, an unauthorized third-party could have surreptitiously accessed his account and sent the malware, though there are no indications so far suggesting that someone successfully hacked bin Salman in order to hack Bezos' phone.
Was Israeli cybersecurity firm NSO Group responsible?
We don't know yet. But the Israeli cybersecurity firm, NSO Group has a history of selling software that hacks phones using WhatsApp. Crucially, the company has been linked to Saudi Arabia's alleged assassination of the Washington Post journalist Jamal Khashoggi.
A lawsuit filed by the Montreal-based Saudi dissident Omar Abdulaziz accused NSO of helping Saudi Arabia's government spy on his communications with the murdered Washington Post journalist Jamal Khashoggi back in December 2018. NSO denied all allegations that its software helped lead to Khashoggi's death, the Associated Press reported.
Almost a year later, WhatsApp parent company Facebook sued the Israeli group. NSO Group had exploited vulnerabilities in WhatsApp's video-calling system to send malware to the devices of over 1,400 users, to allow governments and intelligence organizations to spy on them, Facebook alleged in October 2019.
Who else has accused MBS of hacking?
Bezos and MBS exchanged numbers during the crown prince's visit to the United States in April 2018, apparently during a trip where the Saudi crown prince met with several prominent tech executives and investors, including Apple CEO Tim Cook, Alphabet CEO Sundar Pichai (who was running Google at the time), and investor Peter Thiel.
While there is no evidence of other hacking attempts carried out against these tech executives, there are several reports of hacking attempts carried out Saudi Arabia's dissenters around the same time Bezos' phone reportedly began transmitting data, including Abdulaziz, the Financial Times reported.