They didn't say if they referred it to law enforcement, but I'd suspect they'd do as others had and when the time came turned the image(s) over to law enforcement.
I agree they have an uphill battle if they truly are saying Saudi Arabia did this. Nothing in this report would have me confident enough to say that. Also, I definitely wouldn't continue to utilize the device.
While I agree that the owner should not continue to utilize the device for normal usage, I'd recommend having someone in the lab use the phone, just so that they could determine what data was leaving the phone (i.e., the uptick in data leaving the phone after the video was received).
An interesting supplement on the (missing) decryption of the WhatsApp video
https://
Particularly worth of note (IMHO) is the conclusion
Conclusion
The report from FTI doesn't find evidence. Instead, it finds the unknown. It can't decrypt the .enc file from WhatsApp. It therefore concludes that it must contains some sort of evil malware hidden on that that encryption – encryption which they can't break.
But this is nonsense. They can easily decrypt the file, and prove conclusively whether it contains malware or exploits.
They are reluctant to do this because then their entire report would fall apart. Their conclusion is based upon Bezos's phone acting strange after receiving that video. If that video is decrypted and shown not to contain a hack of some sort, then the rest of the reasoning is invalid. Even if they find other evidence that Bezos's phone was hacked, there would no longer anything linking to the Saudis.
jaclaz