You can read the forensics report that suggests Prince Mohammad Bin Salman Al Saud hacked Jeff Bezos's phone

Originally published at:

“Hello. I am a Nigerian Saudi prince, and I am willing to pay you to assist me in recovering funds that are owed me…”


delivered via an encrypted downloader hosted on WhatsApp’s media server

How does this work? Does WhatsApp allow you to upload programs to their servers to run? That seems like a huge attack surface.

If the richest guy in the world can get hacked, presumably with an army of security techs at his disposal, what hope do the rest of us poor schmucks have?

1 Like

Well, to be fair, no one wants to hack YOU specifically. Lots of people want to hack the rich and powerful.

1 Like

Just goes to show that even the rich and powerful (and tech savvy) still can’t resist clicking on video links.

Mr Bone Saw kind of gave things away when, after Bezos had some private, and rather secret, conversations about how Saudi Arabia had started an online propaganda campaign against him by, out of the blue, texting him that SA wasn’t targeting him at all… I mean, it was essentially, “Don’t believe those liars, we aren’t spying on you!” That’s a straight-up comedy bit.

1 Like

If I understand correctly, they are referring to the encrypted downloader that is part of WhatsApp’s own systems, not some additional application that was uploaded to WhatsApp’s servers to run there. They are saying that since the actual attachment was encrypted in transit, they can’t be sure that the video was really the only thing that came down the pipe when Bezos clicked the button to download/view the video.

If you don’t find any malicious code in the video itself, but the problem started when the video was downloaded, you have to look for an alternate reason why downloading the video would trigger the problem (in this case, massive amounts of data getting exfiltrated from the phone).

Well, to be fair, no one wants to hack YOU specifically.

That doesn’t mean people aren’t trying to hack you (they definitely are), just that they don’t know or care who you are.

Right, but lack of direct targeting means you’re more likely to get hit by a broad fishing attack, not someone trying to actually personally hack you. Safety in numbers, I suppose.

This topic was automatically closed after 5 days. New replies are no longer allowed.