Saudi Hack of Bezos’ Phone Shines Bright Light on Security Challenges | Hacking

A digital forensic analysis conducted by Anthony Ferrante of business advisory firm FTI Consulting concludes with “medium to high confidence” that Amazon CEO Jeff Bezos’ smartphone was hacked through a malicious file sent from the WhatsApp account of Saudi Arabian crown prince Mohammed bin Salman.

The malware was in an MP4 file attached to a WhatsApp message.

FTI Consulting forwarded its findings to United Nations special rapporteurs who released technical elements of the report.

Rapporteurs investigate the promotion and protection of freedom of opinion and expression, among other things.

FTI Consulting declined our request to comment for our story, stating that all client work is confidential.

Saudi Arabia’s embassy in the United States has denied the allegations.

Element of Uncertainty

FTI likely qualified its conclusion because “computer forensics isn’t always an exact science, and the experts might be limited by the data and evidence they have in hand,” said Tim Erlin, VP of product management and strategy at Tripwire.

“There may also be unanswered questions or alternatives to consider,” he told TechNewsWorld.

FTI’s conclusion “suggests they have a sequence of events that makes it likely that the video attachment carried malware, but they either didn’t prove causality or can’t be sure the crown prince created the hack as opposed to his just forwarding a compromised email,” suggested Rob Enderle, principal analyst at the Enderle Group.

“It rarely gets stronger than this unless the alleged perpetrator confesses, or the intelligence organization gets access to the entire chain of evidence,” he told TechNewsWorld.

The malware “appears to have had a self-destruct built in, making it impossible to have 100 percent concrete proof,” noted Liz Miller, principal analyst at Constellation Research.

FTI’s investigators “did not find even remnants of the malware code on the device, but did find a file with an encrypted downloader that had been delivered with the video,” she told TechNewsWorld.

WhatsApp, which hosted the downloader, has end-to-end encryption, which prevents investigators from accessing the downloader’s contents or code, Miller pointed out.

Chain of Events

The prince initiated a WhatsApp messaging conversation with Bezos on April 28, 2018, after they met at a dinner in Hollywood.

On May 1 Bezos received a message with a video attachment from the prince’s WhatsApp account.

Within hours, the volume of data transmitted from Bezos’ phone skyrocketed by 30,000 percent, FTI found. Data spiking continued over several months, at rates as much as 106 million percent higher than before the video was received.

“How did it take months for this to be noticed?” wondered Constellation’s Miller.

FTI found that on two later occasions the prince sent messages to Bezos that suggested he had knowledge of his private communications:

  • One, on November 8, 2018, included a photo of a woman strongly resembling Lauren Sanchez, whom Bezos was dating;
  • The other was sent February 16, 2019, two days after Bezos had participated in phone conversations about the Saudis’ alleged online campaign against him.

The UN special rapporteurs have linked the hack of Bezos’ smartphone to stories in his newspaper, The Washington Post, about the role of the Saudi prince and the Saudi government in the murder of Post journalist Jamal Khashoggi.

Pegasus Threat

“I can’t remember how many times in the past decade I’ve read something about a critical security flaw in WhatsApp that allows access to users’ phones,” remarked Oliver Münchow, founder of security awareness and training company Lucy Security.

“I’m surprised no one told Jeff not to use it after its history of epic security fails,” he told TechNewsWorld.

The malware used was “most likely mobile spyware such as NSO Group’s Pegasus, or, less likely, Hacking Team’s Galileo,” FTI’s analysis suggests.

The Saudi Royal Guard acquired Pegasus-3 spyware from NSO Group, an Israel-based firm, FTI found. The spyware also was used against Saudi dissidents.

Pegasus spreads through malicious links “often sent through chat apps like WhatsApp and Messenger,” said Paul Bischoff, privacy advocate at Comparitech.

“Once on a device, the malware jailbreaks iPhones so that it can track phone calls, texts, keystrokes and location, and access the phone’s microphone and camera. It also affects Android phones,” he told TechNewsWorld.

Consumers “must maintain a healthy sense of paranoia when it comes to links and attachments,” said Rosa Smothers, senior VP of cyber operations at KnowBe4.

“Think before you click on any links or attachments sent to you,” she told TechNewsWorld. “Were you expecting the email or attachment? If your spidey sense tingles, call the sender and confirm they sent it.”

That said, “security always ranks high on surveys of the things consumers want, but no one is ever willing to pay for it,” remarked Jim McGregor, principal analyst at Tirias Research. “As a result, it’s never a priority.”

Security also is challenging because of the rapid pace of technology, he told TechNewsWorld. “Artificial intelligence should eventually improve security, but nothing will ever be 100 percent secure.”

Aftermath of the Hack

The UN rapporteurs have called for an investigation into the hack and said the use of WhatsApp as a platform to enable installation of Pegasus onto devices has been well documented.

Meanwhile, Facebook and WhatsApp have filed suit against NSO Group Technologies in a U.S. federal court, and a court in Israel has begun hearings to determine whether the NSO Group should have its export license revoked.

NSO has denied allegations against it.

“If someone with Bezos’ power and position is a target, it doesn’t bode well for anyone who doesn’t have that level of protection,” Enderle observed. “It makes you wonder how many other U.S. citizens are being spied on like this by a hostile state.”


Richard Adhikari has been an ECT News Network reporter since 2008. His areas of focus include cybersecurity, mobile technologies, CRM, databases, software development, mainframe and mid-range computing, and application development. He has written and edited for numerous publications, including Information Week and Computerworld. He is the author of two books on client/server technology.

This post “Saudi Hack of Bezos’ Phone Shines Bright Light on Security Challenges | Hacking” is originally from TechNewsWorld published on 2020-01-24 17:29:17.




source https://hows.in/saudi-hack-of-bezos-phone-shines-bright-light-on-security-challenges-hacking/
