A UN report published Wednesday places a secretive, billion-dollar Israeli spyware company at the center of Saudi Crown Prince Mohammed bin Salman’s alleged hack of Jeff Bezos’ personal phone.
The UN report found that Crown Prince Mohammed and Bezos exchanged messages on WhatsApp in spring 2018, before Crown Prince Mohammed sent Bezos a malicious video file, after which Bezos’ phone started transmitting a huge amount of data. The report’s authors called for an “immediate investigation by US and other relevant authorities.”
As for the software used for the hack, UN investigators determined that “the most likely explanation for the anomalous data egress was use of mobile spyware such as NSO Group’s Pegasus.”
The NSO Group is an Israeli spyware company valued at over a billion dollars that offers its clients “offensive-cyber capabilities.” The group has previously been accused of helping Saudi Arabia and other countries attack dissidents and journalists, but has repeatedly denied those claims.
The NSO Group also denied the UN Report’s allegations in a statement to Business Insider.
“As we stated unequivocally in April 2019 to the same false assertion, our technology was not used in this instance. We know this because of how our software works and our technology cannot be used on US phone numbers. Our products are only used to investigate terror and serious crime,” an NSO Group spokesperson said.
Little is known about exactly how NSO Group’s technology works. Sources familiar with the company told Business Insider in August that clients pay to use Pegasus, the firm’s hacking tool, based on the number of people they want to target. The group offers a combination of hardware and software to carry out hacks.
The NSO group displayed a hacking device at the 2019 Milipol security conference in Paris, and Business Insider’s Becky Peterson took a photo. Here’s what it looks like:
It’s not clear why NSO Group’s software wouldn’t work on US phone numbers as the company claimed, or whether that restriction is self-imposed by the company. It’s also possible that NSO Group has developed a newer model or changed its hacking methods since displaying the device at Milipol.