How was Jeff Bezos's iPhone hacked by the Crown Prince of Saudi Arabia?


JD Lasica

In January 2020, The Guardian, a British daily newspaper, reported that 'Amazon's CEO Jeff Bezos' iPhone may have been hacked by the Saudi Crown Prince,' a scandal involving the country. Meanwhile, motherboard of technology media has obtained a research report on 'Bezos CEO hacked by iPhone set by the Crown Prince of Saudi Arabia' and reports on the contents of the report.

Here Is the Technical Report Suggesting Saudi Arabia's Prince Hacked Jeff Bezos' Phone-VICE

The allegation that Bezos 'iPhone was hacked emerged from a survey related to Bezos' affair scandal reported in 2019. The Guardian reports from an anonymous person that a malicious file sent by Saudi Crown Prince Mohammed bin Salman to Bezos has stolen large amounts of data from Bezos' iPhone.

Possibility that the trigger that information was extracted from Amazon's Jeff Bezos' mobile phone was a message from Saudi Crown Prince-GIGAZINE

by Gilles Lambert

Prince Mohammed is the chairman of a government fund that has made a significant investment in SoftBank's Vision Fund, and is said to have been involved in the assassination of journalist Jamal Khashoggi in 2018. You.

A Saudi Crown Prince who forms a tag with Softbank's Son Masayoshi Fund is an assassination order, or a surveillance camera movie that captured the executing unit-GIGAZINE

The report obtained by Motherboard was prepared by FTI Consulting , an American business advisory. The investigator who created the report seems to have set up a dedicated lab to investigate Bezos's iPhone and examined it for two days, resetting the iPhone settings to avoid iTunes backup encryption of iPhone and factory He said that he returned to the factory state and obtained unencrypted data. However, researchers said they could not detect malware from the iPhone.

On the other hand, on May 1, 2018, it became clear that a suspicious movie file that looks like 'Arabic promotion movie on communication' was sent from Prince Mohammed to Bezos CEO through WhatsApp of message application.

Below is a screenshot of the message actually sent from the Prince Mohammed to Bezos. The movie file that can confirm the thumbnails showing Saudi Arabia and Sweden is sent as `` encrypted downloader '' by end-to-end encryption provided by WhatsApp, and whether the malware file was embedded in the movie file itself Was not confirmed.

The investigators decided that the movie file or downloader was suspicious because Bezos' iPhone began sending large amounts of data shortly after running the downloader. According to reports, before running WhatsApp encrypted downloader, Bezos' iPhone sent an average of 430KB of data per day. However, several hours after downloading the movie file on WhatsApp, the amount of transmitted data jumped to 126 MB.

According to the report, 'After running the encrypted downloader sent by Prince Mohammed, the output of the device immediately increased by about 29,000%.' The amount of data sent from the iPhone has remained high for several months since then, sending on average 101 MB of data per day.

by Rawpixel

Investigators combined Bezos' iPhone and other large-scale surveys, and through a tool procured by Soudu Al Qatani , a friend of Crown Prince Mohammad and media consultant , the investigator said. Reports that the iPhone has been hacked. Mr. Cartani is said to have been involved in the assassination of Kashoghi, as well as Crown Prince Mohammad, and was also the chairman of SAFCSP , the Saudi Arabian state agency responsible for cybersecurity and programming.

The Guardian suggested that sources of hacking tools could have been developed by the Israeli technology company NSO Group , but the report did not mention that NSO group tools were used. According to the report, 'Advanced mobile spyware, such as the NSO Group's Pegasus and the hacking team 's Galileo, connects to legitimate applications and processes on the device to evade detection, obfuscate activity, and ultimately obfuscate activity. Data can be intercepted or leaked. '

In addition to the large amount of data being sent from Bezos' iPhone, a suspicious message was also found in the message sent by Prince Mohammed to Bezos. The following picture was sent by Prince Mohammed to Bezos on November 8, 2018, and the woman in the picture is similar to Laurent Sanchez who had a close relationship with CEO Bezos. However, at the time this photo was sent, the relationship between Bezos and Sanchez was not public, and it was strange that Prince Muhammad sent this photo to Bezos.

In this survey, not all data included in Bezos CEO's iPhone was analyzed, and the entire file system was not investigated. Researchers also noted at the end of the report that they needed to jailbreak Bezos' iPhone and analyze the root file system, admitting that malware could be detected in unexplored files.

in Mobile,   Software,   Security, Posted by log1h_ik