Moscow, 7 Mar — “News. Economics” Experts portal Motherboard has conducted a study, which found that hackers acquire on the black market prototypes of iPhone with a disabled security system. Hackers find bugs in iOS that can be used to hack smartphone.

Hackers on the Internet hunt for engineering samples or prototypes of the iPhone, which disabled a safety function. Attackers on the Internet trying to buy a smartphone, which Apple used to test the system iOS and some new features. Using such models to find vulnerabilities in the smartphone a lot easier.

As Motherboard writes, prototypes of “Apple” smartphones are usually stolen from the factories of Foxconn in China, engaged in the Assembly of the apparatus. On the black market the price varies from several thousand to several tens thousand dollars — it varies depending on the presence in the model of certain functions. For example, journalists found the announcement of sale X iPhone for $1800, the iPhone 8 Plus $5 thousand, and iPhone XR — $20 thousand

Photo: Motherboard

Engineering prototype represents the iPhone, which has not passed the entire production process or returned to a state of refinement. These are intended only for use by Apple engineers, the device is disabled most of the security features that makes it possible to see how the software operates without activated security systems.

For many months the newspaper has conducted a study which revealed that thanks to such devices that fall in the black market, experts hack iOS and find errors that can then be used including law enforcement.

To connect the prototype to the computer need a special cable, which is used by Apple developers. Its price on the black market is about two thousand dollars. After you connect to get root rights for devices with a few simple commands.

According to multiple sources, Cellebrite, a security firm, which allegedly helped law enforcement officials in the investigation of the case of the shooting in San Bernardino, has purchased several prototype iPhones. It is believed that similar instrumentation is used in Azimuth Security of a company that sells exploits to the Alliance of the “Five eyes” (Five Eyes), which includes the special services of the USA, Australia, Canada, great Britain and New Zealand. The aforementioned partner is a Linchpin Labs — the company-software developer, created by former employees of special services of the Alliance. Among others, clients of Azimuth Security is listed on the FBI. In particular, the Bureau has acquired from exploit to exploit the Tor browser, sources reported Motherboard.

The company has been developing exploits for zero-day vulnerabilities. They are used by law enforcement to investigate acts of terrorism, kidnappings and other serious crimes. According to two sources, the company has exploits for Android devices and iPhone. At Azimuth Security are specialists of the highest class. For example, last year its staff was supplemented by several developers of the exploits of the national security Agency of the United States. At least one employee last worked for the US defense Department, others work at Apple.

Photo: Motherboard

For the first time about this method of hacking smartphone Apple it became known in August 2016 at the conference Black Hat in Las Vegas. In this presentation Matthew Solnica, David Wang and Targee of Manda described how the Secure Enclave coprocessor handles the encryption of data, reports Motherboard.

Because the operating system is encrypted, it cannot be subjected to reverse engineering compared to engineering model, which uses a module that has not yet been encrypted. This is the only real way to know which commands are executed.

The former security officer of Apple said that after the conference, they turned to David van, with a request to share the way, which made it possible to obtain data. Hacker said that his colleague Solnick got one of the prototypes and dumped the firmware using the standard tools from Apple. Later, the participants in the meeting declined to comment.

However, according to the publication, Apple is well aware of the fact that such models have on the black market and regularly enhances security measures at its plants.

Read more •••


Please enter your comment!
Please enter your name here