Analysis Says Crown Prince MBS Hacked Jeff Bezos’s Phone, Saudi Calls it Absurd

Saudi crown prince
File Photo: Mohammed bin Salman, Saudi Arabia's crown prince, arrives to meet Theresa May, U.K. prime minister, at number 10 Downing Street in London, U.K., on Wednesday, March 7, 2018. Photographer: Luke MacGregor/Bloomberg

(Bloomberg) –Jeff Bezos’s mobile phone was hacked following an exchange between the Inc. chief executive officer and Saudi Prince Mohammed bin Salman on WhatsApp, according to two people familiar with an analysis of the breach.

While a message from the prince to Bezos in mid-2018 that preceded the hack appeared benign, investigators found digital evidence suggesting it contained code that ultimately led to the breach of the billionaire’s phone, said one of the people, who asked not to be identified because the probe isn’t public. A forensic analysis showed with moderately high confidence that a WhatsApp account used by bin Salman was involved, another person said.

The Guardian newspaper reported earlier Tuesday that an analysis had found that the theft of data from Bezos’s phone in 2018 started with an infected video file sent from bin Salman’s personal account. The Financial Times, which confirmed elements of the Guardian’s account of the hack, said the analysis was conducted by global business advisory firm FTI Consulting. A representative of the firm declined to comment, saying: “We do not comment on, confirm or deny client engagements or potential engagements.”

The revelation of new details about a security breach that affected the world’s richest man comes about a year after the surprise announcement that Bezos and his wife, MacKenzie, would divorce after 25 years of marriage. The National Enquirer subsequently disclosed an extramarital affair between Bezos and Lauren Sanchez, a former television anchor, in a series of reports that relied, in part, on intimate text messages sent by Bezos.

Bezos subsequently published an extraordinary blog post accusing the tabloid of threatening to publish more embarrassing text messages and photos unless he publicly affirmed that there was no political motivation or outside force behind the tabloid’s coverage.

Gavin de Becker, a security consultant for Bezos, later said he believed the Saudi Arabian government had accessed Bezos’s phone before the Enquirer exposed the affair. He didn’t provide any direct evidence to back up his claims, which he said came from “our investigators and several experts.” De Becker cited the Enquirer’s business relationship with the Saudis, as well as tough coverage of the murder of a critic of the Saudi regime by the Bezos-owned Washington Post, as reasons why bin Salman might seek to harm the Amazon founder. The newspaper reported last year that the Central Intelligence Agency linked the crown prince to the 2018 murder of Post columnist Jamal Khashoggi.

De Becker declined to comment on the Guardian report Tuesday beyond the lengthy statement last year, which was posted on the news site The Daily Beast.

The Saudi embassy, in a tweet, attacked the reports as “absurd” and called for an investigation “so that we can have all the facts out.”

In an interview with Bloomberg TV, Saudi Finance Minister Mohammed Al-Jadaan referenced the statement made by the Saudi Embassy but declined to comment further.

A spokeswoman for WhatsApp declined to comment.

A United Nations investigation, led by UN Special Rapporteurs Agnes Callamard and David Kaye, is set to be released Wednesday and is expected to confirm that Bezos’s mobile phone was hacked using a WhatsApp message from bin Salman, the Washington Post reported late Tuesday.

It’s uncertain whether the alleged hack of Bezos’s phone accessed any sensitive Amazon corporate information. The company hasn’t commented on the matter in the nine months since de Becker’s accusation. Company representatives didn’t return messages seeking comment on Tuesday.

“It’s unclear whether his phone had more, privileged access to information from his companies,” said Bastien Bobe, an analyst at cybersecurity firm Lookout. “That would not be in line with security practices and risk mitigation at companies though. But technically it would be feasible for that technology to access the data.”

–With assistance from Spencer Soper, William Turton and Helene Fouquet.