Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Privacy Cellphones Security Technology

Amazon Boss Jeff Bezos' Phone 'Hacked By Saudi Crown Prince' (theguardian.com) 73

According to the Guardian, Amazon CEO Jeff Bezos had his phone "hacked" in 2018 after receiving a WhatsApp message from the personal account of the crown prince of Saudi Arabia. From the report: The encrypted message from the number used by Mohammed bin Salman is believed to have included a malicious file that infiltrated the phone of the world's richest man, according to the results of a digital forensic analysis. This analysis found it "highly probable" that the intrusion into the phone was triggered by an infected video file sent from the account of the Saudi heir to Bezos, the owner of the Washington Post.

The two men had been having a seemingly friendly WhatsApp exchange when, on May 1 of that year, the unsolicited file was sent, according to sources who spoke to the Guardian on the condition of anonymity. Large amounts of data were exfiltrated from Bezos's phone within hours, according to a person familiar with the matter. The Guardian has no knowledge of what was taken from the phone or how it was used. [...] The disclosure is likely to raise difficult questions for the kingdom about the circumstances around how U.S. tabloid the National Enquirer came to publish intimate details about Bezos's private life -- including text messages -- nine months later. It may also lead to renewed scrutiny about what the crown prince and his inner circle were doing in the months prior to the murder of Jamal Khashoggi, the Washington Post journalist who was killed in October 2018 -- five months after the alleged "hack" of the newspaper's owner.

This discussion has been archived. No new comments can be posted.

Amazon Boss Jeff Bezos' Phone 'Hacked By Saudi Crown Prince'

Comments Filter:
  • You'd think the article would indicate what brand of phone and OS he was using.

    • Was it a FirePhone, maybe? Could it even explain why they scrapped that project?

    • It sounds more like the attack vector was WhatsApp. I don't know how you can "infect" a video file - those are just audio and video, maybe subtitles and a chapter index. if you download a video, it just sits on your phone. OTOH, if there's a bug in how WhatsApp handles video, then you could exploit it to get elevated privileges on the phone. If the security hole was WhatsApp, the phone model and OS are for the most part irrelevant.
      • Maybe the video tricks the user into thinking he first needs to download and install a proprietary "codec" to view the video, just like that recent facebook "video"?

        Just make a video showing a text "your phone cannot view this video. Please download driver from http://xyz.abc/def.exe [xyz.abc] to view it", and some people might fall for it...

        That, or a buffer overflow in whatsapp

      • Buffer overflow or similar? I think if a buffer overflow or similar exploit is found then infection should be trivial.

        • Wasn't Java/managed-runtime supposed to end buffer overflows?

          • by ameline ( 771895 )

            HAHAHAHAHAHAHAHA - No.
            (ok, it was *supposed* to, but these days with all the timing side channel attacks and rowhammer, and probably things we don't even know about yet, nothing is secure -- nothing.)

  • Trump no doubt (Score:1, Interesting)

    by Anonymous Coward
    This is what the Crown Prince had to do for Trump to look the other way on Khashoggi. Same thing super genius was going for in Ukraine.
  • by DogDude ( 805747 ) on Tuesday January 21, 2020 @05:16PM (#59642380)
    You've got to be a special kind of stupid to use a "smart" phone when you have assets like that. I'm concerned about being a target, and I'm a little guy. The fact that Bezos is still using a "smart" phone (and sending dick pics) says that he's really got a few screws loose.
    • by TWX ( 665546 ) on Tuesday January 21, 2020 @05:28PM (#59642414)

      Eh. His wealth was created by building a company that used the Internet as the world's most available catalog, it would make sense that he would want or need to have several forms of communication instantly available to him even when his personal staff aren't immediately with him.

      His mistake was using a communications device that went through a regular provider. He probably should have had a phone-like device, configured to tunnel through whatever provider he was using back to an Amazon IT center, where literally everything could be sanity-checked, at least from a probability standpoint, for legitimacy, and cut-off if not legitimate.

      Basically the "phone" would be a virtual machine or chroot jail running on the hardware whose job is to act as that network tunnel, and all communications from the "phone" are checked, plus all incoming communications are checked as well. This even works to an extent for encrypted traffic, since things like communications protocols headers and other traffic usually conform to preset patterns, the traffic exchange when you use a protocol is identifiable even if the contents aren't viewable. Additionally, the time of day that certain kinds of traffic occur can be compared to baslines to determine the likelihood of legitimacy. If a phone is trying to connect-out at 3:30am to send out a large amount of information then it's very likely that it's not legitimate and the servers in between can cut the cord and alert the IT staff or even the user.

      Additionally the hardware layer could have its own software that analyzes what's running in the chroot jail or VM to analyze what it's doing, like going through files that it has no reason to go through.

      • by DogDude ( 805747 ) on Tuesday January 21, 2020 @05:38PM (#59642460)
        Oh, absolutely. It's a matter of risk. With the amount of money he's worth, and the amount of stuff he controls, you're right, he should have something custom, and he should probably have a team of people monitoring his personal communications all of the time.
        • by TWX ( 665546 )

          And if he's smart about how he sets it up, that entity that monitors his communications is a function of his personal lawyer.

      • He's rich enough to buy his own ISP and a company that makes phones to go with it, why he diddles around with the same crap you and I (non-billionaires) do is beyond me.

        • Even billionaires need to say hi to mom and dad every once in a while. But why would it have anything other than his private conversations on it? FFS, I'd be buried in miles of encryptioni and aides monitoring everything in and out with any device that had sensitive info on it. Oh, you hacked my phone? Enjoy my travel photos and texts saying "Hey honey, can we have roast chicken tonight? I'm feeling like something simple. Tell the chef."
        • you and I (non-billionaires) do

          Fine... include me out, whydoncha. You know, you could have just said, "us slashdotters do"

        • why he diddles around with the same crap you and I (non-billionaires) do is beyond me.

          Same reason why people like you and I install WhatsApp: to communicate with other people who insist on using WhatsApp and nothing else.

          Even virtual machines and firewalls would not have helped here: either WhatsApp would have tunneled right through them, or on the contrary these would have blocked WhatsApp, causing the user to forego them "just this time".

          • Same reason why people like you and I install WhatsApp: to communicate with other people who insist on using WhatsApp and nothing else.

            He could have bought WhatsApp lock, stock, and barrel and had them build a secure version. And that includes the buildings they're in and all of the employees' homes and cars. It wouldn't even amount to a rounding error for him on his bank balance.

      • by tlhIngan ( 30335 )

        His mistake was using a communications device that went through a regular provider. He probably should have had a phone-like device, configured to tunnel through whatever provider he was using back to an Amazon IT center, where literally everything could be sanity-checked, at least from a probability standpoint, for legitimacy, and cut-off if not legitimate.

        Such a pity an Amazon Phone didn't exist, ever. You know, a phone designed and sold by Amazon that uses Amazon's services. Sort of like a Kindle, but mo

    • by Tailhook ( 98486 ) on Tuesday January 21, 2020 @05:41PM (#59642476)

      (and sending dick pics)

      That actually happened didn't it? LOL.

      How mortifying.

    • It is funny, but they wear all these silk jackets and things, excessively comfortable clothes, if they carry two devices to keep their phone separate from their apps, it would weigh down their pockets. They need a single device they can carry, and set down on the table in front of them, their clothes are not functional enough for things like "secure devices."

    • Given that Amazon actually makes an Android tablet and once made a phone, it wouldn't surprise me if there was a custom phone build available for senior Amazon execs with a bunch of extra security baked in along with cloud sync, always-on VPN, remote monitoring, etc.

      What's kind of surprising is that there *isn't* some kind of high security phone platform like this commonly on the market and used by the Fortune 500 for their senior/high security personnel. It's kind of crazy how much of their data is probabl

      • What's kind of surprising is that there *isn't* some kind of high security phone platform like this commonly on the market and used by the Fortune 500 for their senior/high security personnel. It's kind of crazy how much of their data is probably easily accessible by Apple or Google because they use an ordinary consumer platform, even if it has MDM and various OS supported privacy lockdowns.

        I believe these phones exist, but we don't know of them because they do not have to market to the masses.

        https://www.intactphone.com/ [intactphone.com]

        https://www.silentcircle.com/ [silentcircle.com]

        However, I'm not sure even those are immune to exploits against the baseband chipset:
        https://www.researchgate.net/p... [researchgate.net]

      • by DogDude ( 805747 )
        Given that Amazon actually makes an Android tablet and once made a phone, it wouldn't surprise me if there was a custom phone build available for senior Amazon execs with a bunch of extra security baked in along with cloud sync, always-on VPN, remote monitoring, etc.

        If that were the case, I doubt the planet would have been able to have access to pictures of Jeff Bezo's penis.
  • Bad idea (Score:5, Funny)

    by dlleigh ( 313922 ) on Tuesday January 21, 2020 @05:29PM (#59642418)

    The crown prince is going to get his Amazon Prime cancelled. You don't mess with Bezos!

  • Comment removed based on user account deletion
    • Secure phones don't exist. They are all built off of closed source (even Android).

    • by AK Marc ( 707885 )
      "Secure" means "unusable". Users prefer insecure phones.

      It was an external app he manually clicked on. A video hijacked WhatsApp, which had the rights to see files, and send them off the phone. Permissions should limit apps to a DL folder, but that's not how any OS works. Some phones claim to be more secure than others, but the only way to enforce that is to run every app in a separate sandbox. And nobody does that. Maybe Amazon could put something together...
      • Re:Holy shit! (Score:4, Informative)

        by ceoyoyo ( 59147 ) on Tuesday January 21, 2020 @07:36PM (#59642790)

        Permissions should limit apps to a DL folder

        iOS does that. Actually, it didn't let apps have access to the filesystem at all, which people complained about forever, so now it gives access to a very limited sandboxed filesystem. Which people complain about.

      • Users prefer insecure phones.
         

        That explains push notifications.

    • by Cyberax ( 705495 )

      All that money, and he can't buy a secure phone?

      Trump and Kushner also use WhatsApp (to avoid the possibility of FOIA requests). I wonder how many three-letter agencies have installed spyware on them...

      • by gtall ( 79522 )

        "I wonder how many three-letter agencies have installed spyware on them..." All of them. After all, if you were working for the U.S. Government, would you trust Trump and his grifter family?

  • by rsilvergun ( 571051 ) on Tuesday January 21, 2020 @05:32PM (#59642432)
    Two supremely rich ***holes fighting among themselves. This is like AvP. No matter who wins, we lose.
    • by jrumney ( 197329 )

      Alternatively, the Saudi prince's phone had already been hacked, and was a stepping stone to get to other targets. The question is whether it was by a nation state, or the usual Russian mob after things of value to sell on the dark market. The National Enquirer story would suggest the latter, though the timing was a bit slow.

      • just a potentially different set of rich ***holes.
        • Also I find it hard to believe that if you exploited a world leader's phone you'd risk that by trying to launch an attack off it.
          • It depends, with the current generation of people who absolute definitely must have the latest shiny phone, changing devices every few months, specially if the person in question has more money than brains, the lifetime of the compromised device can be pretty short.
      • David Pecker had been operating as a PR agent for MBS the past several years. Printed and distributed a 100+ page promo brochure about how MBS was renovating Saudi Arabia. Bezos was able to quickly connect the dots between MBS hacking his phone and the Enquirer extorting him [medium.com] with the resulting info. MBS was using David Pecker's National Enquirer to weaponize the materials his group stole from Bezo's phone.
      • by Zocalo ( 252965 )
        Yeah, that possibility occurred to me too. Occam's Razor is one thing, but this feels like it's a bit too blatant to be MBS (or more likely Saudi Intelligence) due to the obvious timeframe issues were the compromise to be discovered since Bezos would obviously insist a full-on forensic analysis be done. I think it's actually at least as likely that a third party had already rooted MBS' phone, was monitoring the exchange with Bezos in near realtime, and decided that the opportunity to have a pop at Bezos'
      • by gtall ( 79522 )

        The Nat. Enquirer has a long history with Trump helping him bury (catch and refuse to release) stories from people who Trump has dicked over. They buy the rights and then bury the story. So it is more likely the Saudi's trying to get on Trump's good side because they know he has no loyalty to any allies. The U.S. should have severed its ties to that inbred pile of Saudi beef jerky long ago.

  • So this Saudi person had access to Jeff's phone... then what value was extracted from this?

    • by Anonymous Coward

      So this Saudi person...

      Priceless. That's like calling Warren Buffet "some guy from Nebraska." Or Carlos Slim "some guy from Mexico."

      • "So this Saudi person...

        Priceless. That's like calling Warren Buffet "some guy from Nebraska." Or Carlos Slim "some guy from Mexico."

        It's MBS short name or Man with Bone Saw long name.

        • The Saudis call him Abu Rasasa [businessinsider.com]

          One reported example involved MbS and a Saudi land-registry official. The crown prince reportedly demanded that the official "help him appropriate a property," and when the official refused, he received an envelope that contained a single bullet.

          MbS was apparently given the name "Abu Rasasa" by the people of Saudi Arabia. The nickname translates to "father of the bullet" in English

          Some journalist/analyst calls him Gadaffi on Steroids [aljazeera.com]

          This is Gaddafi on steroids. This is worse than Gaddafi because he [MBS] has billions of dollars to spend on the US, on PR, on lobbying, on buying consensus. This is where the danger lies.

    • "So this Saudi person had access to Jeff's phone... then what value was extracted from this?"

      The Saudi prince can now watch Amazon Prime for free.

    • by EvilSS ( 557649 )
      The prince just wanted to get the Prime Day sales list early.
    • Comment removed based on user account deletion
  • Two phones (Score:5, Insightful)

    by DanielRavenNest ( 107550 ) on Tuesday January 21, 2020 @06:01PM (#59642524)

    When you're the world's richest man, you should be able to afford *two* phones. A dumb phone you hand out the number to random outsiders like a Saudi prince, and is only used for voice.

    And a smartphone that only connects to your AWS servers, who scan all incoming and outgoing data to prevent malware and stolen data.

    • by atisss ( 1661313 )

      You can't exactly scan data sent by proprietary protocols like whatsapp.

    • Comment removed based on user account deletion
    • by jandoe ( 6400032 )

      random outsiders like a Saudi prince, and is only used for voice

      How do you know he's a random outsider? Maybe they are BFFs? Do you assume they are not hanging out together just because one of them is running a evil empire, exploiting thousands of people, laughing at human rights and climate change issues while the other is a prince?

  • by Kotukunui ( 410332 ) on Tuesday January 21, 2020 @06:10PM (#59642564)
    Is there anything to suggest that the Crown Prince's phone was compromised and used as an attack vector for Bezos' phone by a third party? If the head of one of the world's biggest tech companies has been compromised, what's to say that a Saudi Crown Prince couldn't suffer the same hack. Some pirate looks through the Prince's contact list and thinks "Oooo... Jeff Bezos! Let's go for his phone next..." Unlikely? Maybe... Possible? I guess so..
    • What's to even say that it was HIS account that sent it and the number wasn't spoofed? I can't even count the # of calls i see a day from spoofed numbers in area i live hell they even spoofed MY OWN number to call me so it shows up as me calling myself.
    • I thought the same. However, don't you think that if the video was not sent by the prince, Bezos would have noticed? What kind of video content could the attacker had sent to Bezos so he didn't find it fishy to receive it? The alternative is that the attacker had infected every video of the Prince, in case he sent the video to some one. This is possible, but the level of access to the Prince's phone had to be huge, so every video he had was infected.
    • Comment removed based on user account deletion
  • Perhaps they can add Huawei into the mix somehow. Chances are a piece of Huawei hardware somewhere in between. This is just for amusement. No substantive info to suggest Huawei , Nokia or Ericsson involved.
  • Please quit the dumm down descriptions and publish an informative and useful news article. What type of video container, on what [mobile] OS would allow permissions to other than display the included data.

    I mean if you want to tell me someone embedded scripting with an extension that Outlook executed other than what the user gave permission to launch, I'll buy that. But if you expect me to believe that there's a method of sending a user a jpg, mpg, mp4, mkv or similar that does other than launch the truste

  • So the phone was cut into pieces and disposed of in the middle of the night?

"Inquiry is fatal to certainty." -- Will Durant

Working...