THEOS Cybernova: The Cybersecurity Podcast for APAC Leaders

Paul Jackson: Welcome to the THEOS Cybernova podcast with myself Paul Jackson. Today we’re going to have a very special guest. With us today is Tom Wright. Thank you for joining me Tom.

Tom Wright: Great to be here.

Paul Jackson: Yeah. So this will be a special two-part podcast episode to close out season two in style. Tom, you’re the co-author, together with Bradley Hope of the acclaimed book The Billion Dollar Whale. Now The Billion Dollar Whale is an eye-popping account of one of the most brazen heists of all time, a bestselling book that I’m sure will be familiar to all of our listeners.

What they may be less familiar with, Tom, is your subsequent work in, as you term it, whale hunting, which I think is a great name, and I want to dive into that more in these episodes. And I guess, you know, you’re under the umbrella of Project Brazen, so I think that’s a fitting name, isn’t it?

Tom Wright: Yeah.

Paul Jackson: You chose that deliberately there. So let’s start with, you know, a little bit of background because your work on the 1MDB scandal with the Wall Street Journal was nominated for a Pulitzer Prize, if I’m right, in 2016. I mean, that must been a great feeling, right?

Tom Wright: Well, we didn’t win it. We were only nominated. We were finalists. I actually, I was once in a sort of battle on Twitter with somebody in China, one of these apologists for the Chinese regime. And he pointed out, oh, on your LinkedIn, you say you’re a Pulitzer finalist, but you didn’t win it. And I was like, yeah, that’s true. But you know, we got pretty close. We were beaten by the New York Times.

But yeah, it seems like a long time ago now – a decade ago when we uncovered the Jho Low story. We weren’t the ones who broke it. That was a Malaysian newspaper and a blogger. But I spent like a good 3 to 4 years of my life on that story and, you know, started out with: Who was this guy Jho Low? Why’s he got billions of dollars? What’s his relationship with the Malaysian prime minister? And, you know, we unraveled it from there to prove one of the biggest heists in history. Incredible story.

Paul Jackson: A truly incredible story. And, you know, we met around a decade ago just after I’d left JPMorgan. And I was so inspired by your dedication to get the facts. And as it turned out, it’s a massive book and a lot of facts in it.

Tom Wright: Yeah, it’s like 110,000 word book. So it really took a lot of work. I mean, honestly, it was very, very difficult to do because every — I mean, so my coauthor, Bradley Hope, was also at the Wall Street Journal at the time. He had lived in the Middle East and there was a huge Middle East component to this.

I mean, for your listeners who don’t know the story, basically, this guy Jho Low was in his 20s. He got to know the Malaysian prime minister. The Malaysian prime minister said, okay, you run this sovereign wealth fund from behind the scenes. And, you know, they went ahead and stole billions of dollars and used it to make the film The Wolf of Wall Street with Leonardo DiCaprio. Jho Low, a pudgy Chinese guy in his 20s, ended up dating Miranda Kerr, the Australian supermodel. They threw hundreds of thousands of dollars at Jamie Foxx to play the piano for five minutes, that kind of stuff.

So that’s the story we unravelled. But of course, it had much more important implications as well, because Goldman Sachs was involved. They helped raise the money. One of their partners has gone to jail, not for very long, but Tim Leissner, their partner, went to jail. The prime minister of Malaysia is in jail, which is an amazing thing. The system held in Malaysia, you know, very corrupt place, but the system held and they were able to put the Prime minister in jail who gave cover for all of this stuff to happen. And then of course, lots of financial institutions were involved, abetting this stuff because so much money was sloshing around, people making so much money, they allowed it to happen.

Paul Jackson: So yeah, the looking the other way was staggering, wasn’t it really? You know, I guess when there’s eye watering sums like that, then, you know, greed takes over a little bit as well.

Tom Wright: It’s, you know, it’s the old adage that if you or I want to move a few thousand dollars, we get a lot of compliance questions. But if you want to move $100 million, there aren’t so many compliance questions because people’s end-of-year bonuses are going to be very large.

Paul Jackson: Right. Well, it’s a fascinating book. And, you know, for those listening to this who haven’t read it already, you know, I’ve read it twice now. Well, once I’ve read it and the other, eyesight’s getting a bit bad, so I downloaded the Audible version, which is excellent as well. Great narration.

So the purpose of this conversation is not really to rehash the whole book and the story. The audience may be thinking, well, why invite somebody like you to a cybersecurity and investigation-focused podcast? And just to set the scene a little bit, perhaps, you know my background. Obviously, I’ve been an investigator for a few decades now. And what I try to do in my work is try to avoid the silos of, you know, you’ve got cyber forensics, cyber investigations, forensics, online intelligence. And then in another silo, you’ve got the guys who do traditional fraud, insider threat, financial investigations, etc., when really they need to be meshed and merged to get the greatest impact.

And so the work that you’ve done as an investigative journalist has got many overlaps with my world in the cyber investigation work. And my intention here today is to explore these aspects further. But before we start, I’d like to ask you a key question. I mean, you’ve upset a lot of very rich and powerful people. Do you feel safe?

Tom Wright: Well, you know, you’re asking me this—just before we came on, and I was saying, well, that’s the question my wife asks me. Why do you have to piss off some rich and powerful people again? I mean, we don’t set out to do it. We’re really driven by finding stories that people don’t know. I don’t want to cover the news that’s already out there.

You know, the latest story, for example, that we did was about this South African guy called Benjamin Mauerberger, who more or less took over the government of Thailand, bribing from the prime ministers all the way down. He was a money launderer for the scam centers in Cambodia. He’s now on the run in Dubai. So we find stories like that, and often people come to us these days. You know, we’ve been doing it a long time as well. We get a lot of tips. A lot of times, as you know, whistleblower tips are not great. You know, you get people who got fired or something and they don’t go anywhere. But sometimes, you know, this story in particular, for example, we were tipped off a couple of years ago—who is this South African guy who’s buying, you know, tens of millions of dollars worth of planes for Cambodians and then for Thaksin, the former prime minister of Thailand? And it turns out he was this huge money launderer for these scam centres, the people who are calling up your mom and pops and screwing them over of their life savings. And that’s a $1 billion business.

So there is a risk when you do this kind of work. Because if you’re the only one reporting it for a while, I think there’s a risk when, you know, maybe killing you would lead to that information not getting out. But in general, one of our very strict rules is never threaten. You know, I would never say to a target of an investigation, if you don’t do X, I’ll do Y, for example.

So it’s very much like, look, we learned this. We think this is really interesting. Do you have anything to say about it? And that’s the way we approach things, I think. And if you do it that way, even people who—you know, we did a podcast about a guy called Fat Leonard who had corrupted the US Navy. We smuggled a microphone to him in detention in San Diego. He basically ripped up his plea deal with the American government to do our podcast. But he still talks to me because, you know, he doesn’t see me as a threat. I never threatened him. I just gave him an outlet to talk about his experiences. And even though he was a criminal and had ripped off the US Navy, still, you know, he still wanted to tell his story.

So, you know, sometimes very dangerous. But I think most of the time, if you operate in a truthful way and don’t threaten, I think you can.

Paul Jackson: Yeah. Yeah. Well, you’re a very brave person in my opinion. But we’ll talk in part two of this podcast more about the scam centres, because obviously, that’s a hot topic for us. But in your book, you did recount a story where you were in the Shangri-La Hotel in Kuala Lumpur, and you received a threatening call which made you dash for the border. Tell us a little bit more about that.

Tom Wright: Well, that was a story where Bradley, the co-author of the book, got a call from someone who was pretending to be a friend, and he said, look, the prime minister of Malaysia at the time is in the Shangri-La in Kuala Lumpur and he’s thinking of arresting you. So as a friend, you know, I’m saying to you, you should probably not be there. But actually, that person was part of the inner circle of what was going on and was threatening us by doing that. But we didn’t know that at the time. We took it as a friendly hint.

So Bradley called me. It was three in the morning in Kuala Lumpur, and I took a taxi to the Singapore border. And I didn’t go back to Malaysia for about four years after that, until, you know, Najib lost power in an election and then was subsequently jailed. So the prime minister was jailed, and Jho Low ended up in China, which we can talk about if you’re interested. But the danger levels went down a lot at that point.

Paul Jackson: Right, right. So let’s go to the backstory because I always like to understand the backstory of our guests. And what really drove you to get into investigative journalism in the first place?

Tom Wright: Well, as a kid growing up in England, grew up in Birmingham in the UK.

Tom Wright: Oh, really? Where are you from?

Paul Jackson: Yorkshire.

Tom Wright: Well, I haven’t been to Birmingham for years, but I’m going to stand up for it. I think it’s a great place to raise a child.

So, you know, I was very interested in the film The Killing Fields, you know, obviously about the Khmer Rouge and the New York Times journalist who reported on it and the Cambodians involved. And I did like a—you know, when I was probably in middle school, I did a project on it, and I always wanted to become a foreign correspondent.

I ended up in Indonesia in the 90s. I actually lived in Indonesia between high school and university, learned Indonesian, lived in Bandung, and then went back and worked for Reuters at the end of the Suharto era. So when Megawati was coming up as the dictator of 32 years had to— was falling. I got a taste for the whole sort of running—very dangerously at that time, with no training, running with, you know, between protesters and live bullets and all that kind of stuff.

And I did that. I got a job at the Wall Street Journal eventually. Did AfPak coverage. Did Pakistan coverage. I was a Pakistan reporter for a while when Bin Laden was killed. And the first proper investigative story I did was about a company called Suzlon in India, which is a wind turbine company, and it was a $1 billion company at one point. But they were sort of stealing their technology. And I sort of found out about it, and we ended up reporting to a degree where the share price totally collapsed. The company basically had to reset.

So you get that sort of bit of an adrenaline rush with that kind of reporting, because it’s not something anyone else is doing. You have to pick why you’re doing it. You don’t do this stuff gratuitously. There’s normally, you know, in that case, India had this story of being a huge boom economy at the time, but it didn’t have the sort of good governance practices in place. And so that was an interesting story to sort of put out there at the time. There was a public reason to do it. The Journal was happy with me spending a lot of time on it. And so, yeah, I got more job satisfaction out of spending, you know, more weeks doing it than the sort of daily news or the sort of more press conference type of journalism.

Paul Jackson: Right. What made you leave the Wall Street Journal in the end?

Tom Wright: Oh, well. So then we ended up doing the Billion Dollar Whale book that you’ve referred to. That came out in 2018. And then the next year, I mean, at one point—well, actually the initial reason to quit was because the Journal wouldn’t allow me to do public speaking. And when you have a bestselling book for a while, you have quite lucrative public speaking opportunities. So I did that for a while. Then COVID happened, and that killed that.

So then I’m like, okay, do I go back to journalism? And then I managed to persuade Bradley, who was the co-author of the book, who was still at the journal at the time—he had lived in the Middle East—to leave. And we set up Project Brazen, which is actually named—it is brazen because, you know, we like the name, the word, but it’s also because Jho Low, the Malaysian fraudster, had a shell company called Brazen Sky. So we quite like the sort of, you know, link to 1MDB to set up a company.

And the company’s sort of modus operandi is to find true stories that are adaptable for TV and film. That’s what our business model is. We try to produce Hollywood films that are based on true events.

Paul Jackson: Right. Again, switching gears slightly, I read a review by the Tribune Star of your book, which says details in the book can be a slog, but give the book authority. And got to be honest, they’re not wrong. Right? And there is an incredible amount of detail and research. So what I’m curious about is how you document all this. Because in my prior life as a cop and obviously as an internal corporate investigator, I needed to use tools like i2 Analyst’s Notebook. But I have visions of you, you know, with a huge board covered in photos, documents and bits of string, tying them together. So what’s your secret? Or do you just have a phenomenal memory?

Tom Wright: No, I don’t have—I’m not very well organized either, actually. But if I had my time again, and, you know, I think Bradley would probably agree with this—to do the book again, we probably would put less detail in. The problem with a nonfiction book like that is if you come at it as a journalist, you’re like, oh, I’m writing a version of history here that we need to put everything in. Right. But there’s another half of you, which is like, well, I’m trying to write an entertaining nonfiction book which draws people along.

And so you actually get complaints from both sides. You get people saying, well, you haven’t given enough of the financial background to explain the fraud. And you get people who say, well, oh, it’s a slog. It was hard to get through these pages. So we had a rule of like short chapters, lots of scenes, trying to keep it as light as possible. But yeah, there’s probably a little bit too much in there.

In terms of how we work, one way to write a book like this or to do any work like this is to keep a timeline. That’s the first thing we would always do is like, develop a, you know, thousands of words timeline from, you know, person born, to this and that, and colour coded different characters differently. That then gives you the spine, the narrative spine to then create like a chapter outline of like how you’re going to tell the story because you probably don’t want to tell it purely chronologically.

And then in terms of organising, you would then have lots of files that are then related to the timeline. So okay, this person is this color. This file is related to this person doing—for Billion Dollar Whale, in the age of AI would be a lot easier for sure, because back then, you know, we would get, say for example, somebody gave us an Excel spreadsheet of Jho Low’s—not WhatsApp, BlackBerry messages. And you’ve got Jho Low, the fraudster—apart from being a fraudster, he’s also just organising where he’s going for his, you know, lunch or drinks or whatever. He’s like sharing restaurant recommendations with people.

You’ve got to—you had to physically slog through all of that on the Excel spreadsheet to get to the bit where he goes, have you opened the Acme Time Limited Shell company for me? And you go and your brain goes, oh, I remember seeing that elsewhere in financial documents. So it was very—it was almost like that. It was very much not happenstance, but you had to remember salient names and things and then cross-reference them. Which I think could be done now with—you could train AI to look for that for you.

So, I don’t know, I don’t have a phenomenal memory, but I do have a very good instinct for: okay, I’ve heard of that shell company somewhere else, and then remembering where that was and going and finding it, always with a narrative in mind. Because I needed to have a little narrative moment somewhere.

Paul Jackson: Right. It’s a shame you didn’t end up in law enforcement, because I think, you know, those other skills would have been—

Tom Wright: I think that’s similar. Right?

Paul Jackson:  Very similar. Oh, 100%.

Tom Wright: So when you were in the Hong Kong police—

Paul Jackson: Yes. Correct. Correct. You know, you’re bombarded with facts and trying to, you know, make the story straight is challenging, right. But I’m very disappointed you don’t have a massive board with photos.

Tom Wright: No, it’s not like those Netflix B-movies where you go down into the basement and there’s a thing. No, but I did have a whiteboard. So I wrote, you know, my part of the book in the US, in London, I was at Hong Kong University when I did it. And I had a—I did have a whiteboard with those kinds of things.

Paul Jackson: Right. So your book sold well over half a million copies. I don’t know what the latest number is. What is the latest?

Tom Wright: It’s over a million.

Paul Jackson: Yeah. Oh, over a million. Wow. Well done. And, you know, obviously the 1MDB scandal has been widely reported in Wall Street Journal and other publications. But prior to this podcast, I actually asked a few of my friends what they actually knew of the incident, what details, and very few could recall details other than it was a massive fraud.

I was curious about this and the bit of psychology I think in this. Do you think that these stories that you come up with—and we’ll talk more about, you know, your current investigations—do you think they’re just so complex and the sums are so hard to fathom that people just fail to comprehend, perhaps? Or is it just yet another sign of the shortening of attention spans in this day and age?

Tom Wright: I think it’s just a shortening of attention spans. I think there’s so much content out there at the moment that, you know, to get someone to really know something, to actually read it is hard. And it’s actually already a win. So, for example, this new story I’ve been writing about—which we’ll get into later—about this South African fraudster who took over the Thai government. That’s the elevator pitch for it.

You know, if anyone’s even heard of his name, Benjamin Mauberger, and can tell me that he took over the Thai government. That’s already a win, you know, because your friends, you might send them the PDF of the 7000 word story you wrote on it, but they’re not going to read it or some will read it. People like yourself will read it for the right, maybe professional reasons.

You try to make it as sexy as possible. You know, you play up the most Netflix, you know, adaptable elements of any story to hook people. So we know how to do that. We know how to do, you know, Twitter threads that try to hook people or LinkedIn. But to for someone to really engage with a story that’s quite complex is difficult. Right.

And then, you know, you look at the news flow at the moment—it’s 90%, you know, what’s going on in Minnesota, right? Very easy to grasp. You know, ICE agent shot someone and those things sort of suck out all the air out of the room. So when you’re working on other stuff, right, it better be like catnip for audiences. Otherwise they’re not going to engage with it, you know?

Paul Jackson: Well, that’s a real challenge, making something like the 1MDB scandal into bite sized pieces, isn’t it?

Tom Wright: Well, that’s why we, you know, we originally wrote the book at 18 chapters, and our editor was like, well, you better do this like a James Patterson novel and make it 40 chapters, with each one being three pages, because people feel like they’re making progress. And you can cut the narrative.

So, you know, you’re seeing now there are these Chinese, I think they call them vertical—like vertical telenovelas on phones where episodes are like 90 seconds or five minutes, whatever. But over time, you can still tell a three-hour story and do it in those. But it’s challenging. But I think that is the future of this kind of content. You need to keep things short and then build up detail over a longer time frame.

Paul Jackson: So let’s talk a little bit about operational security, because in our world, this is a huge topic, especially when we’re dealing with cyber threat intelligence. I’ve got a feeling it must be a critical part of the way you operate. Because there’s two parts to this: protecting your own anonymity sometimes when you’re trying to get facts out without them knowing who you are, you know, what your objectives might be. And secondly, obviously, you’ve got informants who have a very strong reason for staying anonymous, that you have to protect their identities. So, can you talk a little bit about what you do in both those contexts?

Tom Wright: In the first context, I never will pretend to be someone I’m not. This is not—I just personally don’t like that. I think the British press do it a bit. The American press don’t really do that. You know, James O’Keefe does that at Project Veritas, and I think it’s terrible, right? Like you pretend to be someone else and you’ve got people.

And the reason for that is you just sort of stoop to the level of other criminals, right? By pretending—there may be reasons why you might do that in an operation or setting if you’re police or something. But if you’re a journalist, I think it’s much better to say, look, this is who I am, this is what I’m doing.

And you—I think people trust you more than, like, going back to you talking about safety as well. I think if you start to pretend you’re someone you’re not and trick people, your safety, your danger levels go up quite a lot as a journalist. Whereas if you say, look, I’m working on this story, this is what I found out. What’s your response? Always give, you know, right of response to people. So they can come back. I would do all of that out in the open because I just think it’s better for us.

In terms of the protecting the source, that’s totally different. You know, you see a lot of discussion now on social media about whether you should give anonymity to sources. Right. There’s been a big debate this week about—there’s been a piece about Bari Weiss at CBS’s takeover of CBS, right, where it’s been criticiced by a lot of people in CBS who were all given the right to be off the record. And you could argue, well, that’s not important enough. And if you’re going to criticise another journalist about journalism, do it on the record. Right?

So I think I would agree with that. But if it’s somebody who’s deep inside a corrupt government, a country with no rule of law, who’s giving you secrets at the risk to their own safety, then it’s very important that, you know, you protect them. So in terms of operational security, I mean, we can talk about that if you like. How do you keep those people safe?

Paul Jackson: How do you protect their identities? Because, you know, you have to trust that you’re really speaking to the right people. So they, you know, you have to validate that part. And yet that validation probably comes in some form of communication or messaging that you have to protect them.

Tom Wright: That’s a very good question about how do you make sure you’re not being—that keeps me awake at night. Like that somebody could have set up a fake persona with a bunch of fake information. And especially in the age of AI, right? To then make me report something that is totally fake. And then, you know, that’s terrible.

So, you know, let’s put it into, onto the meat of a real example. So this Benjamin Mauerberger, this story that—again, just to recap, South African guy laundered billions of dollars for the Chinese mafia networks in Cambodia, the ones that are doing the scam centers. You know, calling Americans, getting them to invest in fake crypto. He’s laundered a lot of the money. A lot of the money moved through Singapore, you know, over $1 billion moved through the fund management structures in Singapore. He set up a fake fund management company here.

So there are sources to this. You don’t just report this because somebody gives you a document. You need human sources and documents. You need to triangulate it all, and, you know, can’t get into very specific details because of source protection. But you need to ensure that the people who are talking to you really are who they say they are. So I would spend a lot of time doing that work. And you can do that through social media, you can do it by talking to other people and just figuring out who they really are. Right.

And then when they give you things, you need to sort of triangulate that against other sources as well to make sure that they’re not doctoring documents or they don’t have an ax to grind. But, you know, in this particular case where we were trying to prove the movement of hundreds of millions of dollars, we were able to find multiple ways to see that movement. And then feel careful enough, safe enough that this was real and sort of to answer your initial question, how do you protect those sources? Well, first, we don’t put their name in the story. That’s obvious. But then what if I were to get hacked by somebody?

Paul Jackson: Well, exactly. Yes.

Tom Wright: So I would keep—then I would keep my notes. But you have to have notes that you take when you talk to them. Because if I were ever to get subpoenaed or have a defamation suit against me, I would need notes, right? Like, oh, I talked to this person, so you keep those. But I would keep those physically, physically somewhere. Right. Then I would have—then any documents they gave me, I would have without their name on it somewhere else. And so somebody couldn’t hack my computer and go, okay, there’s a name and there’s an interview.

Paul Jackson: Do you worry about your phone, though? Because last week we had Bill Marczak on the show from the University of Toronto Citizens Lab and they do great work, you know, in terms of understanding the threats to mobile phones, hacking of journalists, especially those operating in areas where their life is at threat. You know, we all know those places, right? You know, that probably the most famous tool out there is Pegasus, which is basically a hidden tool which allows full access to your phone. Do you worry about, you know, that? Because obviously, you’re probably communicating with most of your contacts via your phone.

Tom Wright: Yes. I—yeah, there are, you know, safety protocols you can take like using apps like Signal, not having—having the person not use their real name on their login. So you know, be very careful that when I’m talking to a source who’s, you know, I think taking a big risk, that they would be using some kind of pseudonym on their special account that they set up on Signal or Telegram or something. So if you were to hack the phone, you wouldn’t know who they were necessarily. So things like that. Is it foolproof? I don’t know, but, you know, we do our best to ensure the safety of sources.

Paul Jackson: Talking about sources, you obviously had a number of sources from inside government bodies and financial institutions who, you know, dealing with very sensitive information. How do you cultivate these sources or do they all come to you?

Tom Wright: Again, let’s talk about specific case of this story we’ve been working on. So the way that this story first came out was that this guy, Benjamin Mauerberger, was raising suspicions in Southeast Asia because he was operating—he was a boiler room operator 20 years ago. So basically selling worthless stocks. People might remember the Ben Affleck movie from 2000 called Boiler Room. Vin Diesel, it’s a good movie.

So he was selling these things for years, got on the radar of a bunch of authorities. And he had a Cambodian diplomatic passport because he wasn’t able to travel to other places because he was wanted for the boiler room stuff. And then a few years ago, he suddenly starts buying Bombardier private jets and, you know, for various people, for Cambodian rich kids. And then, as I said earlier, for Thailand’s prime minister.

So that’s how he came onto our radar. That’s how people often come onto our radar—when they start spending a lot of money. That’s how Jho Low came onto people’s radar. Back in, you know, 2009, 2010, he was putting on these—he invented the bottle parade, the fraudster Jho Low. You know, when people come in with the sparklers in the champagne and the Ace of Spades, whatever it is, he invented that basically in Saint-Tropez. So that’s how he came onto people’s radars at that time. So often the inability not to spend gargantuan sums of cash when you’ve stolen it is one way that we start to hear about it.

Paul Jackson: Yeah, that’s interesting. So of course, you know, talking about Jho Low, right, who obviously is the subject of the Billion Dollar Whale. You recently exposed that he apparently traveled to China on a fake Australian passport and also, you know, as part of your whale hunting, you obviously have the hunt for Jho Low. Is it a source of frustration to you that, you know, he hasn’t yet had to answer to the numerous allegations surrounding his involvement in the fraud?

Tom Wright: A little bit, but honestly, you know, I’m sure just like you—I don’t know what the best way to describe this is. But I mean, justice is always partial, right? You’re never going to have true justice. And I’m not naive about that. I think in the case of Jho Low, the fact that the prime minister of the country, who, you know, gave him the cover to do what he did, the fact that he’s in jail is like something I never would have imagined. Right. And just recently got given a bunch more years.

Paul Jackson: I saw that.

Tom Wright: Yeah. Yeah. So Najib, the former prime minister. Jho Low—you know, we launched a sort of online search for Jho Low last year. We bought up a bunch of meme coins. Someone—not us, someone had come up with the Dollar Jho Low meme coin, which was languishing, wasn’t doing anything. So we just bought it all up and we offered it as a reward for people who had any tips, which is not something you’d be able to do with the Wall Street Journal. That wouldn’t be—and honestly, to be honest, it was a bit of a stunt because no one had made any money out of it.

But we did end up getting some really good tips, including that Jho Low was in China. He tried to check into a place with a fake Australian passport, but somebody recognized that he was—that was him because it was still the same photo. He was using this ridiculous name, Konstantinos Verus, which was, I think, a Cypriot sounding name, because at some point he had to move money via Cyprus. I think that’s why.

Paul Jackson: And he was wearing glasses in the photo.

Tom Wright: He was wearing glasses in the photo, which you’re not allowed to do in an Australian passport photo. Someone pointed out. So that was clearly fake. And you know, we found out where he was living in Shanghai and all of that. So he’s, you know, if anyone’s listening and is interested in why a fraudster is living in China, it’s because he was involved in a lot of corrupt Belt and Road infrastructure deals involving China after the 1MDB fraud. And so that’s why he’s given protection in China to continue living there. Basically, he knows where the bodies are buried when it comes to Chinese corruption.

Paul Jackson: Right? Right. So most of his assets or all of his assets, I think were sold off. Right? The physical assets, that is. But towards the end of your book, you do note that he still had the boat, but I don’t believe he’s got that anymore.

Tom Wright: No, no. What you’re referring to is like, the US Department of Justice seized $1.5 billion of assets, I think actually might have been closer to $2 billion of assets. This is stuff like—this is a civil suit, not a criminal suit against him. It was called the US versus the Wolf of Wall Street because he actually went after the proceeds of the film. Jho Low became great pals with Leonardo DiCaprio, you know, funded The Wolf of Wall Street.

So they seized all those assets, you know, mansions in LA, hotels, his stake in EMI Music Publishing, you know, he had all these businesses. And then the proceeds of that, a lot of that flowed back to Malaysia in a settlement. And then, of course, there were criminal actions against him, too. So he’s still wanted in Malaysia, in the US and actually in Singapore for criminal indictments.

Paul Jackson: Right, right. Okay. Well, hopefully one day he’ll have to answer them. Well, in the meantime, I guess you’ve been probably sued by quite a few of the people or organizations that you mentioned in the book. How many is it to date?

Tom Wright: We have not been sued by anyone.

Paul Jackson: Oh, you haven’t been sued?

Tom Wright: It’s very hard to sue someone if everything’s correct, you know. I mean, so we—from Billion Dollar Whale, we did not receive a single defamation suit, which I honestly, I’m quite proud of because it’s almost 400 pages of a nonfiction book. And like I said, it was very stressful because, you know, every time you say something, it has to be backed up with documents and facts. Right?

The Mauerberger story we’re doing now, we have had a lot more legal action.

Paul Jackson: Right. And we’re going to come to that in part two of this podcast. But to close out this first episode with you, I’ve heard rumors that they may be making the Billion Dollar Whale into a movie or TV series. Any truth in that?

Tom Wright: Yeah, yeah. So it’s a movie. Oh, it’s going to be a movie. Yeah, it’s a movie. The script is fantastic. It’s completed. And can’t talk too much about the details of the package that’s been put together. But the script is fantastic. It’s written by a screenwriter who wrote War Dogs, which is the Jonah Hill movie and Miles Teller movie about guys who take-sell arms in Iraq and it’s sort of like a dark comedy.

So it’s got that, it’s got that sort of dark comedy feel to it, the Billion Dollar Whale script that we have. And yeah, it’s going to be a fantastic movie.

Paul Jackson: Do you know who’s going to star as Jho Low?

Tom Wright: No, no, no, no, no. No casting secrets available yet. But it’s going to be a great movie. It’s just, you know, these things take about twice as long as you’d imagine they were going to take.

Paul Jackson: Will you have involvement in this? You know?

Tom Wright: Yeah. So our business, Project Brazen, that we’ve built, which is a TV and film business—it came out of selling the rights to Billion Dollar Whale to another company, SK Global, who are our partners in many of the shows we’re developing. SK Global famously did Crazy Rich Asians. They were the producers of that movie, if people remember, from 2018.

And yeah, we sort of started to learn about the Hollywood adaptation process from being journalists and writers. And that’s why we set up Brazen that, you know, does podcasts mainly, but we also still do books and longform magazine articles. We have our own online magazine called The Foundry, and all of what we do is like amazing stories that we think would have adaptation potential.

Paul Jackson: Yes. Well, I particularly like the whale hunting subdomain of your website. It’s one that I look at regularly and also your weekly newsletter, which I think it broadly puts itself out on the weekend. A roundup of other media, which is superb. But I do encourage anybody listening to go to—is it brazen.com?

Tom Wright: Yeah. If you want to subscribe to whale hunting, it’s whalehunting.projectbrazen.com

 Paul Jackson: whalehunting.projectbrazen.com

Tom Wright: Yeah. And that’s where it’s sort of like we have an outlet for the journalism we still do. So when we’re not producing TV shows and films, you know, we still do our original journalism there.

Paul Jackson: Right? And of course, we encourage all our listeners to hit the like or subscribe button on this podcast on whatever platform you happen to be listening to. It really helps us to get the message out there with these important stories. And we obviously thank you for listening. And, Tom, I really appreciate, you know, you’re giving up time here in Singapore to have a chat with us. And I’m looking forward to the second session where we’ll dig into some more of your investigations since the Billion Dollar Whale was published.