This article is more than 7 months old

This article is more than 7 months old

UN investigators are poised to release a statement about the alleged hacking of Jeff Bezos’s mobile phone after the Guardian revealed details of a forensic analysis that has implicated a WhatsApp account purportedly owned by the crown prince of Saudi Arabia.

The astonishing disclosure prompted a Democratic lawmaker in the US to urgently demand more information about the malware that was allegedly used to infiltrate Bezos’s phone in the 2018 hack of the Amazon founder.

Ron Wyden, a Democratic senator from Oregon, said in a letter to Bezos that the alleged breach of the billionaire’s phone “appears to be part of a growing trend”, citing reports that Saudi Arabia had acquired cyber-hacking capabilities from Hacking Team, based in Italy, and Israel’s NSO Group.

Wyden reacted following a Guardian story that cites sources who said the alleged “hack” occurred after Bezos apparently received a video file sent to him by Mohammed bin Salman’s WhatsApp account. Large amounts of data were allegedly exfiltrated from Bezos’s phone within hours of him receiving the video file.

Play Video 3:12 Jeff Bezos, the Saudi crown prince, and the alleged phone-hacking plot – video explainer

David Kaye, a UN special rapporteur on freedom of opinion and expression, said in a tweet that he and Agnès Callamard, the special rapporteur on extrajudicial murders, would announce further information about the alleged Bezos hack on Wednesday morning.

Bezos – the owner of the Washington Post – is the most high-profile alleged victim of Saudi Arabia’s cyber-surveillance efforts, but independent experts have concluded that a number of dissidents and activists living outside Saudi Arabia have also been targeted by the kingdom. They include close associates of Jamal Khashoggi, the Washington Post journalist who was murdered in the Saudi consulate in Istanbul in October 2018.

Saudi press officials did not return a request for comment, but the Saudi embassy in Washington said in a tweet in response to the Guardian’s story: “Recent media reports that suggest the kingdom is behind a hacking of Mr Jeff Bezos’s phone are absurd. We call for an investigation on these claims so that we can have all the facts out.”

Timeline Alleged Saudi hack of Jeff Bezos Show Hide Mohammed bin Salman, widely known as MBS, becomes crown prince of Saudi Arabia, designated heir to the king. Donald Trump hosts a private White House dinner for a western adviser to MBS and David Pecker, the CEO of American Media Inc (AMI), which publishes the National Enquirer. Mohammed bin Salman meets with David Pecker and the western adviser to the crown prince, in Saudi Arabia. Mohammed bin Salman reportedly tells a top aide he wants to use a 'bullet' on Jamal Khashoggi, who is writing critical columns in the Washington Post. Mohammed bin Salman arrives in the US for a tour to boost Saudi Arabia's reputation with America's most senior VIPs, business leaders and government officials. Trump hosts Mohammed bin Salman at a meeting in the White House, where the US president calls them 'good friends'. AMI publishes nearly-100-page glossy magazine praising Saudi Arabia and Mohammed bin Salman. Mohammed bin Salman is guest of honour at Hollywood dinner. Amazon CEO Jeff Bezos attends. Jeff Bezos and Mohammed bin Salman have WhatsApp exchange. It is now believed, according to sources, a text message sent from the crown prince to Bezos contained a malicious file that infiltrated the phone. Jeff Bezos sends intimate and private text messages to his girlfriend. Jamal Khashoggi killed in Saudi consulate in Turkey. The National Enquirer publishes exposé of Bezos's extramarital affair, including intimate text messages. Jeff Bezos publishes blogpost accusing the National Enquirer of extortion. Saudi Arabia denies any involvement in the publication of the Bezos story. AMI also later dismiss claims of Saudi involvement, insisting it was tipped off about the affair by the estranged brother of Bezos’s girlfriend. Bezos's security chief, Gavin de Becker, publishes Daily Beast article saying investigators concluded with high confidence Saudis had access to Bezos's phone. UN special rapporteur Agnes Callamard finds credible evidence Saudi Arabia is responsible for premeditated murder of Jamal Khashoggi. Guardian reveals Bezos's phone was apparently 'hacked' in May 2018 after receiving a personal WhatsApp message sent from Mohammed bin Salman's personal account. Large amounts of data are exfiltrated from the phone within hours, according to sources. The Guardian has no knowledge about the precise nature of the material that was allegedly taken or what was done with it.

The fresh allegations about Bezos suggest that even the world’s richest person can fall victim to a cyber-attack, a fact that will likely shine a spotlight on the issue and is likely to cause some consternation on Capitol Hill. Bezos’s head of security, Gavin de Becker, said in an opinion column last March that he had handed the results of his own investigation to law enforcement officials.

The FBI did not return a request for comment on Tuesday.

WhatsApp, the popular messaging service, filed a lawsuit against NSO Group last year alleging that 1,400 users were hacked over a two-week period between April-May 2019 using the Israeli company’s malware. About 100 of those alleged victims were journalists, human rights campaigners, academics and activists who were apparently targeted by NSO’s government clients.

Wyden told the Guardian in December he was examining the possible hacking of US citizens by technology sold by the NSO Group and other foreign surveillance companies, an issue he said raised “serious national security issues”.

NSO has staunchly denied the allegations and has said its technology is intended to be used only to fight crime and terrorism. It has also said its malware technology is not used against US mobile phone numbers, although WhatsApp has suggested in litigation against the company that at least one “202” phone number was targeted using the malware.

Hacking Team could not immediately be reached for comment.

Wyden, an outspoken privacy advocate, asked Bezos to assist him in providing as much technical assistance as possible about the alleged intrusion, saying it would help Congress prevent more cyber-attacks on Americans. Among other details, the senator is seeking the IP addresses of the servers associated with the malware, and any detailed forensic reports that Bezos and his team may have had conducted after the alleged breach. Wyden is also seeking to determine whether the Saudis used an “off-the-shelf” surveillance software, and if so, which one.

It is not clear what precise data was allegedly exfiltrated by Saudi Arabia. Bezos’s own security team has in the past linked allegations that Saudis “accessed” Bezos’s phone to the publication last January of a National Enquirer exposé, which included details about Bezos’s extramarital relationship and intimate text messages.

Bezos’s spokesperson could not immediately be reached for comment. But an attorney for the chief executive told the Guardian on Tuesday that Bezos was cooperating with “investigations”. He declined to comment on the new claims about the crown prince’s alleged personal involvement in the hack.

Both Saudi Arabia and American Media Inc (AMI), which owned the National Enquirer, have denied the kingdom was involved in the publication of the Bezos story.