In Depth

Jeff Bezos hack: what is malware and are you vulnerable?

Experts say cyberattack like that on Amazon CEO’s phone is ‘horribly easy to do’

Reports that Jeff Bezos’ phone was hacked by malware in a WhatsApp message sent by the Saudi crown prince has fuelled fears of similar attacks on tech users worldwide.

The message sent to the billionaire Amazon boss is believed to have included an infected video file that infiltrated the device, according to The Guardian. “Large amounts of data were exfiltrated from Bezos’s phone within hours,” the newspaper says.

Computer expert Professor Alan Woodward told the BBC that such a hack is “horribly easy to do”. But just how great is the threat, and what can you do to protect yourself?

What is malware?

Malicious software, commonly known as malware, is “software developed by cyberattackers with the intention of gaining access or causing damage to a computer or network”, explains tech news site ZDNet.

In many cases, the victim “remains oblivious to the fact there’s been a compromise”, the site says.

Malware is “often created by teams of hackers”, says cybersecurity company AVG, which adds: “Usually, they’re just looking to make money, either by spreading the malware themselves or selling it to the highest bidder on the dark web.”

Some criminals use malware to demand a ransom for stolen sensitive personal data, while others are seeking access to information such as credit card numbers.

What malware was used to attack Bezos?

The specific malware used in the Bezos hack has not been determined, but some experts believe it may have been Pegasus, which The Times describes as a “highly sophisticated malware created by NSO Group, an Israeli cybersurveillance firm”.

In October, WhatsApp urged its 1.5 billion users to install an app update immediately, after the company discovered that Pegasus had been installed on thousands of phones via the messaging service.

“Once in the target’s phone, spyware lets a hacker access almost everything, including all messages, emails and incoming or outgoing calls, as well as pictures, cameras, microphones and location data,” says the newspaper.

How can you protect yourself from attacks?

Cybersecurity firm Kaspersky says that the answer to keeping gadgets malware-free “has two parts”: antivirus software packages and personal vigilance. 

When it comes to the latter, be “wary of emails that ask you to provide passwords”, or “emails that seem to be from friends, but have only a message such as ‘check out this cool website!’ followed by a link”, says the company. 

In the reported Bezos hack, the message is believed to have included a photograph and a crypitc message that said: “Arguing with a woman is like reading the Software Licence Agreement. In the end you have to ignore everything and click I agree.”

The Times says users should also beware of unexpected links posted in messaging groups, and “should also use a different password for every app and service, and where possible, enable two-step authentication”.

Ensuring that software is “patched and up to date”, and that “all operating system updates are applied as quickly as possible after they’re released”, will help too, adds ZDNet. 

Recommended

Meet the ‘vaccine king of India’
Adar Poonawalla gestures during a press conference in Pune.
Global lens

Meet the ‘vaccine king of India’

‘Get kids vacc to school’
Today's newspaper front pages
Today’s newspapers

‘Get kids vacc to school’

New theory says we will all turn into crabs
crab
Tall Tales

New theory says we will all turn into crabs

Quiz of The Week: 16 - 22 January
Joe Biden is sworn in as president of the United States
Quizzes and puzzles

Quiz of The Week: 16 - 22 January

Popular articles

What do Covid vaccines cost - and who is paying over the odds?
People wait to be vaccinated at Salisbury Cathedral
Getting to grips with . . .

What do Covid vaccines cost - and who is paying over the odds?

Best TV crime dramas to watch in 2021
Line of Duty series six returns to BBC One in 2021
In Depth

Best TV crime dramas to watch in 2021

Ten Things You Need to Know Today: 25 Jan 2021
10 Downing Street
Daily Briefing

Ten Things You Need to Know Today: 25 Jan 2021

Free 6 issue trial then continue to