Get App
you are here: HomeNewsWorld
Last Updated : Jan 24, 2020 05:21 PM IST | Source:

In Depth | Jeff Bezos phone hacking: A spyware, Saudi Arabian crown prince and the plot to kill a journalist

The messages that MBS sent to Bezos on WhatsApp, in the latter half of 2018 – that is after the May 2018 video message was sent – seemed to suggest that MBS has intimate knowledge of Jeff’s private life

After the allegations of Saudi Crown Prince MBS behind Jeff Bezos' phone hacking emerged, the Amazon CEO tweeted a cryptic post with this picture and a monosyllabic caption – #Jamal. (Image: Twitter/@JeffBezos)
After the allegations of Saudi Crown Prince MBS behind Jeff Bezos' phone hacking emerged, the Amazon CEO tweeted a cryptic post with this picture and a monosyllabic caption – #Jamal. (Image: Twitter/@JeffBezos)

A startling revelation about the phone hacking of one of the wealthiest men on Earth has made one thing aptly clear – everyone is equal in the eyes of private hackers!

Amazon’s Chief Executive Officer Jeff Bezos, whose net worth is over 100 billion dollars, has been splitting his hair over how his iPhone X was hacked. Many technical mysteries remain on how his phone was infiltrated, but what has made the controversy truly intriguing is the involvement of Saudi Arabia Crown Prince Mohammed Bin Salman (MBS).

Who are the main protagonists of this story – Jeff Bezos, his iPhoneX, a most popular instant messaging app: WhatsApp, MBS, and a guest appearance of murdered Washington Post journalist Jamal Khashoggi.


How do the lives of these people cross paths and what makes this story as compelling as David Fincher thriller, let’s find out:


On the afternoon of May 1, 2018, Jeff receives a video message on WhatsApp from Saudi Crown Prince MBS. Although the two had communicated through the platform before, Jeff wasn’t expecting a message that day, especially one with Saudi and Swedish flags with Arabic text.

The 4.4MB video was more than what it appeared. According to a forensic analysis, commissioned and paid for by Jeff to find out who was it that hacked his phone, the video message shared by MBS had an encrypted code hidden in it. This hidden code is most likely to have implanted a malware that gave the hackers access to Jeff’s entire phone, including his phone and private conversations, The New York Times has reported.

Although the forensic report doesn’t mention whether Jeff opened the file sent by MBS, cyber security experts are of the opinion that certain malware does not require anyone to click on it to be installed on the phone.

An extra-marital affair

In another plot point, Jeff has claimed that in early 2019, he was being threatened by The National Enquirer, an American tabloid, that it will release private photographs and texts. The pictures reportedly showed Jeff, who was married to MacKenzie at the time, with another woman – Lauren Sanchez.

It was then when Jeff began his singular quest to find out who hacked his phone. However, the forensic report has not linked the hack to The Enquirer. Besides, the tabloid, owned by American Media Inc (AMI), has claimed that it acquired the private chats and pictures from Michael Sanchez, Lauren’s estranged brother.

It is important to note at this time, that Gavin de Becker, Jeff’s head of security, wrote in the Daily Beast that MBS had developed a “close relationship” with David Pecker, CEO of the tabloid’s parent company.

The build-up

It was in February last year, when Jeff went public on Medium with his claims that The Enquirer was blackmailing him with private chats and pictures and that he had hired Gavin de Becker, a private investigator, to identify how his phone was hacked.

Ten days later, a “leading intelligence expert”, who is not named in the report, advised de Becker to conduct a forensic analysis of Jeff’s iPhone and look for Saudi footprints in the hack.

Then, de Becker hired FTI Consulting to examine Jeff’s phone. Initially, the agency scrutinised the messages received by Jeff from the WhatsApp account of MBS. Later, Jeff handed over his iPhone X to the agency and asked them to run a full analysis on it.

FTI zeroed in on April 2018 dinner when Jeff and MBS had exchanged numbers in Los Angeles. The agency found out, after that, the WhatsApp account handled by MBS repeatedly initiated contact with Jeff without prompting.

According to The New York Times report, the seemingly harmless May 2018 video message had a 14-byte chunk of malicious code. Within 24 hours of receiving that video, Jeff’s phone had started sending out large amounts of data – as large as 29,000 percent more than his average data usage.

The investigators also pointed out that a large number of apps on Jeff’s phone were in use when the data was leaving the phone, including Safari and Apple Mail. Since he did not have iCloud backup option enabled on his phone, data had to be leaving from his mobile handset.

It gets more interesting

The messages that MBS sent to Jeff on WhatsApp, in the latter half of 2018 – that is after the May 2018 video message was sent – seemed to suggest that MBS had intimate knowledge of Jeff’s private life.

For instance, the forensic report points out at a message sent to Jeff from MBS’ account on November 8, 2018. The message was a photo of a woman, who closely resembled Lauren Sanchez (the woman Jeff was reportedly having an extra-marital affair with), captioned, “Arguing with a woman is like reading the software license agreement. In the end you have to ignore everything and click I agree.”

At this time, Jeff and his then wife MacKinzie were discussing divorce, which would have been apparent to anyone reading his texts.

Another such instance which fuelled Jeff’s suspicion occurred in February 2019. He was having a series of phone calls with his security personnel about Saudi’s alleged campaign against him. Two days later, Jeff received a message from MBS which read, “There is nothing against you or Amazon from me or Saudi Arabia,” the forensic report has stated.

The villain

A compelling story deserves a devious villain, and our villain is technology, or rather the lapses in it. Even though the report has not named any private cybersecurity company behind the infiltration into Jeff’s phone, but suggested that Israel-based NSO Group or Milan-based Hacking Team had the capabilities of such an attack.

The hacking has also exposed the vulnerabilities of popular apps like WhatsApp, and how attackers can use it to exploit.

In fact, in October last year, WhatsApp had sued Tel Aviv-based NSO Group in federal court for spying on journalists and human rights activists across the world using a spyware called Pegasus. The news had created a furore back home with names of at least 20 Indian journalists and activists surfacing in the list of those identified and contacted by WhatsApp. Meanwhile, Facebook, which owns the instant-messaging app, assured that they are working to patch the flaw.

The forensic report pointed out that NSO Group’s Pegasus or Hacking Team’s Galileo could be the two most likely tools used to carry out this infiltration. It is noteworthy a close advisor to MBS, namely Saud al-Qahtani owns a 20 percent stake in Hacking Team.

Besides, hacking is no more restricted to a bunch of coders sitting in closed dark quarters trying to extort small amounts of money as mischief or payback, or maybe snoop on their spouses or children. It has transformed into a full-fledged industry, worth 1 billion dollars. Companies like the NSO Group and hacking Team have been accused of working with governments to identify their dissidents by installing their spyware.

Spyware, which is malware created for the explicit purpose of snooping into private online conversations, is our devious villain.

The climax

Five months after the May 18 video message was sent to Jeff by MBS, The Washington Post journalist Jamal Khashoggi was murdered in Istanbul outside the Saudi Consulate. The missing link in this jigsaw puzzle – Jeff Bezos owns The Washington Post.

Khashoggi’s columns, which were critical of MBS and talked of his repression of activists and intellectuals, had rankled the future king of Saudi Arabia and his inner circle. He was killed at the Saudi Consulate in Istanbul, however his body has yet not been found. Various theories have surfaced as to what might have been the fate of his mortal remains, including dissolved in acid and flushed down a well on the consulate grounds.

While MBS had denied any involvement and had classified the murder as a “rogue operation”, a CIA report had concluded, with “high confidence”, that the crown prince had ordered the assassination. In December last year, a Saudi court convicted eight people for their involvement in the murder. However, it was described as sham by human rights activists.

Andrew Miller, a Middle East expert, who served on the national security council under President Obama told The Guardian, that if Jeff has indeed been attacked by MBS, “He probably believed that if he got something on Bezos, it could shape coverage of Saudi Arabia in the Post. It is clear that the Saudis have no real boundaries or limits in terms of what they are prepared to do in order to protect and advance MBS, whether it is going after the head of one of the largest companies in the world or a dissident who is on their own.”

The possibility of this itself could pose a dilemma for The White House.


The forensic report of Jeff’s phone has been reviewed by United Nations special rapporteur Agnes Callamard, who probes extra judicial killings. Her own investigation into the murder of Khashoggi had found “credible evidence” of MBS’ involvement. Although she confirmed to The Guardian that she is still pursuing “several leads” into Khashoggi’s murder, she denied to comment on a probable link with the hacking of Jeff’s phone.

UN special rapporteur David Kaye, while taking cognizance of the forensic report and demanding a probe into the infiltration, noted, “This case really highlights the threats that are posed by a lawless and unaccountable private surveillance industry.

“The companies who are creating these tools are extremely crafty and aggressive, and it’s a cat-and-mouse game at this point.”

Ron Deibert, the director of Citizen Lab, a Toronto-based cybersecurity organisation, which had probed into NSO Group’s Pegasus spyware over the snooping on activists and journalists through WhatsApp, but was not involved in the Jeff-commissioned forensic analysis of his phone, told The Times the Amazon chief’s situation was “a reminder that the proliferation of commercial spyware is a global security problem for all sectors, from government and businesses to civil society.”

End Credits

Saudi Arabia’s embassy in the US has said that the “story” of MBS hacking into Jeff’s phone were “absurd” and called for an investigation into it, BBC has reported.

NSO group, whose Pegasus spyware could most likely be the conduit for hacking, has also denied these allegations.

Facebook, which owns WhatsApp, has also not issued a statement on the incident yet.

Jeff, in what could have been one of the better open-ended narrative to this story, has tweeted a cryptic picture of him with a monosyllabic caption – #Jamal (See featured image).

Disclaimer: This article has explained Jeff Bezos’ phone hacking in a lighter vein. It is not to discount the gravity of the allegations or the seriousness of the menace that is cyber crime.


Exclusive offer: Use code "BUDGET2020" and get Moneycontrol Pro's Subscription for as little as Rs 333/- for the first year.

First Published on Jan 24, 2020 05:21 pm
Follow us on