A digital FTI is consulting forensic analysis was conducted by Anthony Ferrante. The report suggests that the smartphone of Amazon CEO Jeff Bezos hacked through a malicious file. It happened by sending messages from the Whatsapp account of Saudi Arabian Crown Prince Mohamed bin Salman.
The malware was attached to a WhatsApp message in an MP4 format. The United Nations Special Rapporteurs, who reported to the technical aspects of this report, were forwarded by FTI Consulting. They refused to comment by saying that all client research is confidential. The U.S. embassy of Saudi Arabia declined the allegations against Uncertainty Element
The FTI indicates that they have a series of events that are likely to have malware on the video attachment. But either has not been causal or can’t be sure that the Prince has developed a hack with just sending a compromised e-mail, suggested Rob Enderle, Enderle’s principal analyst.
Liz Miller, the principal analyst at Constellation Research, pointed out that the malware appears to have developed into self-destruction which makes it impossible for there to be 100% concrete evidence. FTI’s researchers “did not even find rests of malware code on the device, but found a file with an encrypted video downloader,” she told TechNewsWorld.
On 28 April 2018, after dinner in Hollywood, the Prince started a WhatsApp message chat with Bezos. A video received from the WhatsApp account of Prince Bezos on 1 May is the cause. He noticed that the Prince sent messages to Bezo on two subsequent occasions, indicating that he knows his communication:
- The first was taken on 8 November 2018 by a picture of a woman who resembles Lauren Sanchez, whom Bezos dated.
- The second sent on 16 February 2019, two days after Bezos had been involved in telephonic conversation concerning the Saudis alleged online campaign.
In the article of The Washington Future, the United Nations ‘special rapporteurs related the hack of Bezos’ smartphone to reports on the role of the Saudis Prince and the Saudi government in the killing of Post journalist Jamal Khashoggi.
The Threat of Pegasus
The malware used was “probably web, or less possibly Galileo’s Hacking Team spyware like NSO Group’s Pegasus,” the analysis suggested by FTI.
Pegasus-3 Spyware, which was developed by NSO Group, a company based in Israel, was purchased by the Saudi Royal Guard, found by FTI. It may be from the spyware used for Saudi dissidents.
Comparitech privacy advocate Paul Bischoff reported that Pegasus spreads through malicious links “often through chat apps such as WhatsApp and Messenger.”Security too, Jim McGregor, Tirias Research’s principal analyst, told the threatened because of the rapid pace of technology.
The Hack’s Aftermath
The UN rapporteurs called for a hack investigation and said that the use of WhatsApp as a forum to allow Pegasus to install on devices was well known.
Meanwhile, Facebook and WhatsApp filed a lawsuit in a U.S. federal court against NSO Group Technologies, and a court in Israel started proceedings to decide whether the NSO Group should have its export license withdrawn. NSO denied the allegations for the permit.