Doubt is today being cast on a reported Jeff Bezos iPhone hack, which was said to have given attackers full access to the photos and messages stored on his iPhone X.
However, Cyberscoop cites other cybersecurity experts saying that the FTI report is incomplete, and provides only circumstantial evidence of the malware attack.
On the afternoon of May 1, 2018, Jeff Bezos received a message on WhatsApp from an account belonging to Saudi Arabia’s crown prince, Mohammed bin Salman […]
The video, a file of more than 4.4 megabytes, was more than it appeared, according to a forensic analysis that Mr. Bezos commissioned and paid for to discover who had hacked his iPhone X. Hidden in that file was a separate bit of code that most likely implanted malware that gave attackers access to Mr. Bezos’ entire phone, including his photos and private communications.
In particular, experts noted that FTI hadn’t managed to decrypt the fake video file to see exactly what it contained.
‘This FTI forensics report is not very strong. Lots of odd circumstantial evidence, for sure, but no smoking gun,’ Stamos said. ‘The funny thing is that it looks like FTI potentially has the [device] sitting right there, they just haven’t figured out how to test it.’
CNN says that not all cybersecurity experts are as critical of FTI’s claim of a Jeff Bezos iPhone hack, however.
Matt Green, an associate professor of computer science at Johns Hopkins, told CyberScoop the .enc file cited in the report indicates the keys to decrypt the downloader would have been found alongside the file itself.
‘This is encrypted using keys that should also be stored on the device which raises the question of why they haven’t decrypted it and examined what’s inside,’ Green told CyberScoop. ‘This should be decryptable using local keys if they’re around.’
‘I think it has to be evaluated in the context of the entire investigation; it’s just one part of the story,’ said White. ‘Some of the technical critiques around how the forensics were performed and what data were and were not analyzed are fair, but this is in no way a “typical” phone hacking case, if there is such a thing’ […]
‘There’s an absurd amount of Monday morning quarterbacking going on,’ said [another] expert, who spoke on condition of anonymity in order to preserve professional relationships with the report’s critics. ‘This isn’t a movie — things don’t proceed in a perfect, clean way. It’s messy, and decisions are made the way they’re made.’