Cyber experts question Bezos hack report claims

Cyber security experts cast doubt on a report accusing Saudi Arabia’s Crown Prince Mohammed bin Salman of hacking into the cellphone of Amazon founder and Washington Post owner Jeff Bezos, saying it had not found any hard evidence.

The allegation, swiftly denied by the Saudi government, was made in a report by Washington-based consultancy FTI Consulting which concluded with “medium to high confidence” that Bezos’s iPhone X was compromised via malware they allege originated from a video sent by the Crown Prince to Bezos on May 1, 2018.

The FTI Consulting report, originally published in November, was picked up on Wednesday by UN special rapporteurs, Agnes Callamard and David Kaye, who said in a statement that they were “gravely concerned” by its findings.

Cyber security experts questioned FTI Consulting’s conclusions, saying the report was not based on a thorough forensic examination.

“The details really matter here and the public reporting falls short of any real firm smoking gun,” iPhone security expert and CEO of Guardian Firewall Will Strafach was quoted as saying by The Associated Press.

The FTI Consulting report was commissioned by Bezos and originally published in November last year.

Experts noted that the report published by the UN rapporteurs said that no known malware was detected on Bezos’s phone when it was tested. Furthermore, they pointed to the statement in the report that said: “Initial results did not identify the presence of any embedded malicious code” after analysis of what they called the “suspect video file”.

While Strafach noted that it was possible that if Bezos was hacked and that the hackers could have deleted all the evidence, the report did not show that any malware was actually on the phone.