Saudi Hack of Bezos’ Phone Shines Bright Light on Security Challenges | Hacking



A digital forensic analysis conducted by Anthony Ferrante of business advisory firm FTI Consulting concludes with “medium to high confidence” that Amazon CEO Jeff Bezos’ smartphone was hacked through a malicious file sent from the WhatsApp account of Saudi Arabian crown prince Mohammed bin Salman.

The malware was in an MP4 file attached to a WhatsApp message.

FTI Consulting forwarded its findings to United Nations special rapporteurs who released technical elements of the report.

Rapporteurs investigate the promotion and protection of freedom of opinion and expression, among other things.

FTI Consulting declined our request to comment for our story, stating that all client work is confidential.

Saudi Arabia’s embassy in the United States has denied the allegations.

Element of Uncertainty

The reason FTI qualified its conclusion likely is because “computer forensics isn’t always an exact science, and the experts might be limited by the data and evidence they have in hand,” said Tim Erlin, VP of product management and strategy at Tripwire.

“There may also be unanswered questions or alternatives to consider,” he told TechNewsWorld.

FTI’s conclusion “suggests they have a sequence of events that makes it likely that the video attachment carried malware, but they either didn’t prove causality or can’t be sure the crown prince created the hack as opposed to his just forwarding a compromised email,” suggested Rob Enderle, principal analyst at the Enderle Group.

“It rarely gets stronger than this unless the alleged perpetrator confesses, or the intelligence organization gets access to the entire chain of evidence,” he told TechNewsWorld.

The malware “appears to have had a self-destruct built in, making it impossible to have 100 percent concrete proof,” noted Liz Miller, principal analyst at Constellation Research.

FTI’s investigators “did not find even remnants of the malware code on the device, but did find a file with an encrypted downloader that had been delivered with the video,” she told TechNewsWorld.

WhatsApp, which hosted the downloader, has end-to-end encryption, which prevents investigators from accessing the downloader’s contents or code, Miller pointed out.

Chain of Events

The prince initiated a WhatsApp messaging conversation with Bezos on April 28, 2018, after they met at a dinner in Hollywood.

On May 1 Bezos received a message with a video attachment from the prince’s WhatsApp account.

Within hours, the volume of data transmitted from Bezos’ phone skyrocketed by 30,000 percent, FTI found. Data spiking continued over several months, at a rate as much as 106 million percent higher than before the video was received.

“How did it take months for this to be noticed?” wondered Constellation’s Miller.

FTI found that on two later occasions the prince sent messages to Bezos that suggested he had knowledge of his private communications:

  • One, on November 8, 2018, included a photo of a woman strongly resembling Lauren Sanchez, whom Bezos was dating;
  • The other was sent February 16, 2019, two days after Bezos had participated in phone conversations about the Saudis’ alleged online campaign against him.

The UN special rapporteurs have linked the hack of Bezos’ smartphone to stories in his newspaper, The Washington Post, about the role of the Saudi prince and the Saudi government in the murder of Post journalist Jamal Khashoggi.

Pegasus Threat

“I can’t remember how many times in the past decade I’ve read something about a critical security flaw in WhatsApp that allows access to users’ phones,” remarked Oliver Münchow, founder of security awareness and training company Lucy Security.

“I’m surprised no one told Jeff not to use it after its history of epic security fails,” he told TechNewsWorld.

The malware used was “most likely mobile spyware such as NSO Group’s Pegasus, or, less likely, Hacking Team’s Galileo,” FTI’s analysis suggests.

The Saudi Royal Guard acquired Pegasus-3 spyware from NSO Group, an Israel-based firm, FTI found. The spyware also was used against Saudi dissidents.

Pegasus spreads through malicious links “often sent through chat apps like WhatsApp and Messenger,” said Paul Bischoff, privacy advocate at

“Once on a device, the malware jailbreaks iPhones so that it can track phone calls, texts, keystrokes and location, and access the phone’s microphone and camera. It also affects Android phones,” he told TechNewsWorld.

Consumers “must maintain a healthy sense of paranoia when it comes to links and attachments,” said Rosa Smothers, senior VP of cyber operations at

“Think before you click on any links or attachments sent to you,” she told TechNewsWorld. “Were you expecting the email or attachment? If your spidey sense tingles, call the sender and confirm they sent it.”

That said, “security always ranks high on surveys of the things consumers want, but no one is ever willing to pay for it,” remarked Jim McGregor, principal analyst at Tirias Research. “As a result, it’s never a priority.”

Security also is challenging because of the rapid pace of technology, he told TechNewsWorld. “Artificial intelligence should eventually improve security, but nothing will ever be 100 percent secure.”

Aftermath of the Hack

The UN rapporteurs have called for an investigation into the hack and said the use of WhatsApp as a platform to enable installation of Pegasus onto devices has been well documented.

Meanwhile, Facebook and WhatsApp have filed suit against NSO Group Technologies in a U.S. federal court, and a court in Israel has begun hearings to determine whether the NSO Group should have its export license revoked.

NSO has denied allegations against it.

“If someone with Bezos’ power and position is a target, it doesn’t bode well for anyone who doesn’t have that level of protection,” Enderle observed. “It makes you wonder how many other U.S. citizens are being spied on like this by a hostile state.”

Richard Adhikari has been an ECT News Network reporter since 2008. His areas of focus include cybersecurity, mobile technologies, CRM, databases, software development, mainframe and mid-range computing, and application development. He has written and edited for numerous publications, including Information Week and Computerworld. He is the author of two books on client/server technology.

Kerbal Space Program 2 Moved to New Development Studio





Private Division spoke to about the development progress of the Kerbal Space Program 2 (KSP2) after the success of Kerbal Space Program (KSP). KSP was developed and published by the studio, Squad. Private Division acquired the rights to KSP in 2017, taking over publishing and distribution of the game while Squad still maintains and occasionally updates the game.

The opening of this new studio, whose purpose is dedicated solely to the ongoing development of KSP, is a reinforcement of our promise to bring the best experiences to our fans and players for Kerbal Space Program 2 and beyond.

Private Division started work on KSP2 almost immediately, assigning the project to Star Theory (formerly Uber Entertainment). Now, Private Division has moved development from Star Theory to a new studio that is yet to be named. The current status of Star Theory is unknown, but some members did move to Private Division from there.

A statement from Private Division read, “We’re very excited about the launch of Kerbal Space Program 2 in Take-Two’s fiscal year 2021. Private Division believes strongly in the talented group of developers behind the game. The decision to open our own studio and move development in-house allows us to provide the development team with the necessary time and resources to complete development of KSP 2 at the quality level we all want to deliver our players. Our goal – and the goal of our developers – is to provide our community with the highest level gaming experience with Kerbal Space Program 2.”

The new studio is going to be led by Jeremy Ables, and creative director Nate Simpson and lead producer Nate Robinson are joining him in the move. All three of them were integral to the development of KSP2 since it started at Star Theory. Star Theory has yet to comment on the change in studio development for KSP2.
