Hackers track iPhone prototypes to exploit vulnerabilities
Prototype iPhones are incomplete devices, used for testing and after the research is complete they will be destroyed. However, hackers find ways to buy this prototype iPhone for the purpose of exploiting a security hole because they are not completely encrypted as the official version.
According to researcher Patrick Gray, theoretically, commercial iPhones cannot be extracted because they are equipped with a Secure Security Processor (SEP), which protects and prevents any interference. encrypted hardware.
An iPhone Prototype is interfered with specialized equipment.Photo: Motherboard.
Meanwhile, the prototype iPhone still has a 'port' to interfere inside because the SEP system is not completely encrypted. Therefore, depending on the level of SEP encryption, hackers can extract iOS source code and hardware information.
Hackers can sell data collected to the black market, police, who develop iPhone unlocking tools or even genuine Apple to get bonuses. The black market is the favorite place for hackers because it sells for a higher price. In 2016, a hacker discovered a security vulnerability on iOS but later rejected a bonus of up to hundreds of thousands of dollars from Apple.
The original iPhone X is for sale online.
Hackers can buy prototype iPhones from collectors, on the black market because of being leaked from the factory.
According to an anonymous security expert, an iPhone X Prototype model can be sold for about $ 1,800 (more than 42 million), and if you want to own a prototype iPhone XR, you can extract software information as well. and hardware hackers will have to spend up to 20,000 USD.
On the other hand, iPhone Prototypes have helped create the iPhone unlocking tool being used in law enforcement agencies. The most prominent is the FBI case that broke a terrorist's iPhone 5C in San Bernadino in 2016 thanks to Cellebrite's unlocking tool.
To ensure the original iPhones don't reveal too many secrets, Apple has established its own mechanism with many different layers of protection, even engineers in the same development team can't know the whole thing. In addition, Cupertino (USA) has strict rules and gives very heavy penalties, even dismissing employees who reveal secrets.
You should read it
- iPhone 12 marks 13 years of change for Apple
- FBI unlocked iPhone of suspects using FaceID
- Compare iPhone 13 Pro and iPhone 12 Pro
- How has the iPhone evolved, from 2007 to 2017?
- Should I upgrade my iPhone X to iPhone 13?
- How to Unlock iPhone 6S and iPhone 7
- iPhone 13 revealed the original original design
- Should iPhone 7, 7+ update iOS 14?
May be interested
- Good hackers find and patch the vulnerability for more than 100,000 other routersrecently, zdnet has reported on a white hat hacker claiming to be alexey, specializing in finding vulnerabilities in mikrotik router system and patching up so that bad guys can't use them to do bad things.
- The new vulnerability on Intel allows hackers to take control of your computer within 30 secondswhile intel's meltdown and specter vulnerabilities have not been completely overcome, the world faces a new security vulnerability that allows hackers to take complete control of the user's device and attack time within 30 seconds.
- Google discovered two serious vulnerabilities on iOSgoogle 's project zero security team discovered two new security vulnerabilities of the zero-day vulnerability called cve-2019-7286 and cve-2019-7287 on ios that allow hackers to exploit to take advantage of it. user.
- EternalRocks - more dangerous malicious code than WannaCry exploits up to seven NSA vulnerabilitieswhile ransomware wannacry has stirred up the internet world over the past few weeks to exploit only two vulnerabilities, the new malware uses seven vulnerabilities.
- Microsoft warned about malicious spam campaigns using vulnerabilities in Office and Wordpadmicrosoft recently issued an emergency warning about an online spam campaign targeting european countries, currently using an exploit can easily infect users by simply opening an attachment. .
- The US shares the top 20 vulnerabilities most exploited by Chinese hackers since 2020 until nownsa, cisa and fbi have just released a list of vulnerabilities most exploited by chinese hackers to target government and critical infrastructure networks.
- Millions of Android devices stick with security holes in firmware, hackers can exploit to lock users' machineshackers can exploit this vulnerability to hijack the machine or lock the device so that users cannot use their smartphone.
- Large vulnerabilities in iOS 12 allow hackers to access images and contacts when the iPhone is locked with a callon ios 12, there is a vulnerability that allows hackers to access the folder of images and contacts on the locked iphone.
- Discover new Zero-Day vulnerabilities that target bugs in Windows 10 Task Schedulersandboxescaper, a vulnerability researcher named sandboxescaper, recently quietly announced the emergence of a new zero-exploit in windows 10 operating system less than a week after the operating system received it. get regular updates from microsoft.
- Detects code execution vulnerabilities in WinRAR, noting more than 100 infringement casesa code execution vulnerability in winrar has been exploited more than 100 times separately by hackers in the first week since it was revealed, and it is expected that this number will continue to increase in the future.