The phone of Jeff Bezos, CEO of Amazon, was reportedly hacked in May 2018 after Saudi Crown Prince Mohammed bin Salman messaged him on WhatsApp. Bezos and the crown prince had a friendly exchange; it appears that Bezos’ phone was hacked after he opened a video file sent from the prince’s number on WhatsApp. Once Bezos opened the file, large amounts of data were quickly removed from his phone.
The U.S. Saudi Arabia Embassy tweeted that the reports were “absurd” and they wanted “an investigation on these claims so that we can have all the facts out.”
After The National Enquirer published the story outing Bezos’ affair, his team began looking at his phone for the source of the leak. Bezos claimed that American Media Inc., which owns the Enquirer, blackmailed him by threatening to publish private photos. American Media Inc. denied blackmailing him. AMI attempted to have Bezos and his team sign documents that would prevent them from suing, speaking out publicly or contacting law enforcement; and if they spoke out or did the contrary it would post embarrassing photographs of Bezos. Bezos’ head of security would have had to make a public statement written by AMI to cover that the did not use “any form of electronic eavesdropping or hacking in their news-gathering process.”
The United Nations is investigating the situation and demanding answers from Saudi Arabia. The UN released a report, which establishes digital forensic evidence that links Salman to Bezos’ hack. It is unclear what actions the United Nations will take in response to its findings.
This poses a dilemma for the White House as President Trump and his son-in-law/advisor Jared Kushner kept close ties with Salman. Kushner has communicated with the crown prince via WhatsApp, the same app used to hack Bezos. The incident raises concern that Kushner could also be vulnerable to attacks.
This is the latest in a series of high-profile phone hacks. WhatsApp has been used to hack others in the past, including Israel’s NSO Group who used the app to deliver malware. NSO’s malware has been used by governments to target dissidents and journalists. Additionally, Congress recently asked the FCC to investigate SIM swap scams, which can defeat two-factor authentication. Notably, Twitter CEO Jack Dorsey’s Twitter account was recently compromised using a SIM swap.