Abouammo complied, using his access to internal systems to find Mujtahidd’s email address and phone number. It was a potentially reckless move by the Twitter employee, possibly unmasking critics of a government that locked up dissidents.
Such requests continued for months. Over that time, Salman became king, Mohammed gained stature, and Asaker found himself working for one of the most powerful men in Saudi Arabia. Asaker would pay more than $300,000 to Abouammo, deposited in a Lebanese bank account that Abouammo had a relative open for him. “Proactive and reactively we will delete evil, my brother,” Abouammo texted Asaker just before one deposit of $9,911.
Abouammo had limited technical skill, and a single mole was hardly a reliable way of ensuring consistent access to Twitter users’ private information. Asaker found a better spy, according to Justice Department filings. As luck would have it, Twitter had hired a young Saudi named Ali Alzabarah, who was educated in the United States on a Saudi scholarship.
Living in San Francisco, Alzabarah struck his friends as a typical software engineer—a “nerd,” one friend called him admiringly. He didn’t seem interested in things other than software and didn’t speak much until the conversation turned to programming or the future of technology. Away from work, says a friend of his, Alzabarah seemed to spend most of his time at home or socializing with a small group of expat Saudis who worked at tech firms in the Bay Area.
In February 2015, according to the indictment, Asaker had an intermediary reach out to Alzabarah. It turned out that the engineer felt deeply patriotic toward Saudi Arabia and wanted to help the kingdom however he could. And while Alzabarah’s job entailed maintaining systems to keep Twitter working properly, his position at the company did allow him access to the private information of many users, including their phone numbers, email addresses, and IP addresses. That meant that in some instances, Alzabarah could not only help unmask an anonymous regime critic, but also pinpoint the person’s location.
A few months later, Asaker traveled to the United States as part of an official Saudi delegation and asked Alzabarah to meet him. “I am traveling to Washington at the request of the office of Mohammed bin Salman,” Alzabarah told his wife in a text message.
Soon after that meeting, Alzabarah began using internal Twitter systems to comb through the account information of more than 6,000 Twitter users. Mujtahidd, in particular, was an ongoing target. He was tweeting out what he claimed was private information about the royal family, and some of it, like the looming dismissal of King Salman’s brother, Muqrin, as crown prince in April 2015, turned out to be true. The following month, Mujtahidd posted embarrassing documents from France detailing how the widow of a former crown prince was refusing to pay millions of dollars for luxurious hotel stays.
Days later Alzabarah accessed Mujtahidd’s account and got his phone number and IP address at Asaker’s request. Further requests for other users followed. Alzabarah told Asaker that one user split time between Turkey and Iraq. Another was based in Turkey. A third, a Saudi, was “a professional” who used encryption to conceal his identity, though once he signed in without encryption, and Alzabarah was able to track his IP address.
The Twitter engineer seemed to realize he was providing valuable information to Mohammed’s men—some of the accounts he was accessing were, the Royal Court suspected, connected to terrorism, and Saudi officials announced a $1.9 million reward to anyone who helped avert an attack. In his private Apple Notes account, Alzabarah drafted language to ask Asaker about whether he could claim that money.