Almost two years ago, Jeff Bezos’ iPhone was hacked. Then, in 2019, the Amazon CEO is on a mission to figure out who did it and how. The study is, of course, tied up with the alleged blackmail and extortion situation from early 2019. But the interesting part of this story isn’t that the hackers targeted Bezos’ phone and hacked, but how they did it.
To find out that, Bezos hired cyber security experts specialized in forensic analysis. The result of the investigation showed that Bezos’ iPhone was hacked.
This can be a surprise to all of us, because most of the people think that the iOS is “one of the most secure” operating system for smartphones. But as you know, nothing is secure in this world, only death, in the way that everybody is going to die in some point of our lives.
Based on a report by The New York Times, the forensic analysis reveal that the attackers took advantage of a security vulnerability in one of the most popular messaging apps: WhatsApp. They used that vulnerability to install malware on Bezos’ iPhone.
On May 1, 2018, Mohammed bin Salman, the Saudi crown prince, sent a WhatsApp message containing a 4.4MB video file of Saudi and Swedish flags and some Arabic text. Cybersecurity experts said that some malware did not require anyone to click on the file for it to install on a phone.
Based on the forensic analysis, the video had a tiny bit of code hidden that successfully exploited a vulnerability in WhatsApp Messaging app that installed a malware on Bezos’ iPhone X that gave attackers access to Mr. Bezos’ entire phone. As soon as the malware was installed, the iPhone started to send large amounts of data. Based on the analysis report, those data contained personal and sensitive information.
What kind of information they got? Private pictures, videos, and messages. Those pictures and messages showed Mr. Bezos, who was married at the time, with another woman, Lauren Sanchez.
There are a lot of mysteries about this forensic analysis, we don’t know what kind of malware was used, who revealed Jeff Bezos’ phone number to send those files? Did he open the video he received?
Based on the report, the malware was highly advanced. It wasn’t a generic malware, in fact, it was tailor-made by cyber security experts that was above the average of most of the best cyber criminals in the market.
And, of course, Facebook — who owns WhatsApp — has since fixed the vulnerability that the malware likely exploited.
What This Means for You
Smartphones like iPhones, like everything that is connected to the internet, can be hacked. Luckily, the average iPhone user has different security needs than the CEO of Amazon.
With the required resources and time, there’s a good chance that a hacker can compromise your device. But unless you’re a public figure, there may not be much motivation for a determined hacker to specifically target you.
Even if you’re an average iPhone user, you may still be a target for cybercriminals. With that in mind, here are a few simple tips to help keep you safe.
- Avoid clicking on links, files or websites that you’re unsure about — particularly from contacts you don’t know. Even from known contacts, give a call and ask what is it about.
- Be suspicious of any person, site or app requesting personal information like financial data or passwords.
- Don’t allow unknown apps to access sensitive data or special permission to keep functioning.
- Keep iOS and all of your third-party apps as up-to-date as possible.
- Don’t install configuration profile from a third-party on your device, it’s one of the easiest ways for an attacker to get malware on it.
- Use two-factor authentication and a password manager to keep your important accounts secure just in case you do get hacked.