Report Sheds Light on Gray Market for Prototype iPhones Used by Hackers to Discover Apple’s Security Secrets

Apple tries to make the iPhone, and its other devices, as secure as possible as it focuses on user privacy. But that doesn’t mean they’re perfect.

Unfortunately for the company, a lucrative gray market exists out there in the world where “dev-fused” iPhone prototypes exist. This market makes it possible for hackers and others to get early iPhone models which are typically not locked down, but do provide plenty of access to Apple’s security secrets. Hackers utilize this market all the time, but so do security researchers. The goal seems to be the same, though: Find any openings within Apple’s software

“These rare iPhones have many security features disabled, allowing researchers to probe them much more easily than the iPhones you can buy at a store. Since the Black Hat talk, dev-fused iPhones have become a tool that security researchers around the world use to find previously unknown iPhone vulnerabilities (known as zero days), Motherboard has learned.”

These pre-jailbroken devices are typically smuggled out of Apple at some stage or another. They are then sold on the gray market for thousands of dollars. One iPhone XR, for instance, can go for as much as $20,000. Others, though, are priced around $1,800. And these handsets can be utilized to find vulnerabilities relatively easy:

“On the back of dev-fused iPhones seen by Motherboard, there’s a QR-code sticker, a separate barcode, and a decal that says “FOXCONN,” referring to the factory that makes iPhones and other Apple products. Otherwise, the phones look like normal iPhones. That standard iPhone experience ends when the phone is turned on. When booted up, you briefly see a command line terminal. And then when it loads, gone are the sleek icons and colorful backgrounds of iOS.”

These dev-fused iPhones are paired with a specific Apple cable. That cable can cost around $2,000 on its own. But once the iPhone is connected to a Mac with that cable it’s like cracking open a golden egg. The person is capable of gaining root access to the connected iPhone.

According to the report, Apple is “well aware” these illegal devices are out there in the wild and being used. The company is trying to tone down access, but that may be pretty difficult considering how much they sell for.

Source: iphonehacks