Here’s another twist in the mystery of just how pictures of Amazon CEO and billionaire Washington Post owner Jeff Bezo’s dick, along with sexts to his then-mistress Lauren Sanchez, ended up in the hands of the National Enquirer last year: Saudi Crown Prince Mohammed bin Salman may have personally infected his phone with malware in May 2018.
That’s according to a Tuesday report in the Guardian, which wrote “sources” said a “digital forensic analysis” concluded that while Bezos was having what was surely a very relatable conversation with the Saudi strongman via encrypted chat service WhatsApp, bin Salman sent him an unsolicited video file containing malware. The Financial Times filled in some more details later, reporting FTI Consulting cybersecurity expert Anthony J. Ferrante had led the analysis, which concluded Bezos’s phone had transmitted dozens of gigabytes of data after the crown prince sent the file.
This was a “massive and unauthorised exfiltration of data from Bezos’s phone began, continuing and escalating for months,” the analysis stated, according to FT. The paper wrote that while it had seen the analysis, the document did not claim to present indisputable evidence showing what had happened, nor could it be independently verified.
Neither the Guardian or FT named the malware in question, but FT quoted the report as stating “the compromise was likely facilitated by malicious tools procured by [Saud] al-Qahtani,” a notorious adviser to bin Salman. Prior reporting has shown the Saudi government likely acquired malware from shady Israeli cyber-intelligence firm NSO Group, the developer of a powerful phone-hijacking kit called Pegasus that reportedly spread via WhatsApp vulnerabilities. In October 2019, WhatsApp patched a double-free vulnerability which specifically relied on GIF files to spread malware.
The Guardian wrote sources said the report implicating the crown prince was credible enough to warrant review by Agnès Callamard, the UN special rapporteur who looks into extrajudicial killings. Callamard investigated the Saudi government’s torture and murder of Saudi dissident-in-exile and Washington Post contributor Jamal Khashoggi at its consulate in Turkey in early October 2019. Separate analysis by the Canada-based Citizen Lab found that another dissident in contact with Khashoggi before his death was targeted for surveillance via NSO Group’s Pegasus software.
A separate report in the Washington Post stated the UN will be releasing a report on their findings on Wednesday.
All “client work is confidential,” FTI Consulting told FT. “We do not comment on, confirm or deny client engagements or potential engagements.”
It’s not clear how any data stolen would have ended up in the hands of the National Enquirer and its parent company American Media, Inc. (AMI). The Enquirer published stolen sexts between Bezos and Lauren Sanchez in January 2019, but not before he and his then-spouse MacKenzie Bezos had announced their divorce. Bezos claimed that AMI later threatened to release other material including photos of his penis as part of a blackmail attempt demanding he stop investigating the Enquirer’s sources.
Rather than bow to AMI’s demands, Bezos instead went public with news of the alleged extortion in February 2019, implying the Saudi government and possibly even Donald Trump was involved.
The relationship between Bezos and Salman rapidly went sour amid the international fallout of Khashoggi’s murder, after which Bezos had ceased communicating with him, according to the FT. But on at least two subsequent occasions, Bezos received texts from the crown prince.
One bizarre message sent in February 2019 seemed to refer to then-private, over-the-phone briefings Bezos had received on the extent of Saudi digital espionage efforts against him, according to the FT: “All what you hear or told to it’s not true and it’s matter of time will tell [sic] you know the truth, there is nothing against you or Amazon from me or Saudi Arabia”.
A security consultant hired by Bezos, Gavin De Becker, already claimed in March 2019 the Saudis were involved in the data leak. But AMI repeatedly insisted the Saudis weren’t involved and the Enquirer’s source was actually Michael Sanchez, Hollywood agent and the brother of Bezos’s mistress. Michael Sanchez has instead characterized himself as involved only to protect Bezos and his sister from snooping tabloids.
If the latest report is accurate, it would further jeopardize the infamously oppressive Saudi government and the crown prince’s efforts to rebrand as modernizing forces in the Middle East.
“[Mohammed bin Salman] probably believed that if he got something on Bezos it could shape coverage of Saudi Arabia in the Post,” Middle East expert and former National Security Council official Andrew Miller told the Guardian. “It is clear that the Saudis have no real boundaries or limits in terms of what they are prepared to do in order to protect and advance MBS, whether it is going after the head of one of the largest companies in the world or a dissident who is on their own.”
The Saudi government denied any wrongdoing in a statement to FT.
“Saudi Arabia does not conduct illicit activities of this nature, nor does it condone them,” a Saudi official told the paper. “We request the presentation of any supposed evidence and the disclosure of any company that examined any forensic evidence so that we can show it is demonstrably false.”
Bezos is far from the only one who might be having second thoughts about chatting with bin Salman over WhatsApp. White House adviser Jared Kushner reportedly used the app to discuss foreign affairs with the crown prince and has continued to defend him even in the wake of Khashoggi’s murder; Kushner and the president met with Saudi Vice Minister of Defense Khalid bin Salman in the Oval Office just a few weeks ago.