Hackers track iPhone prototypes to exploit vulnerabilities

Prototype iPhones are incomplete devices, used for testing and after the research is complete they will be destroyed. However, hackers find ways to buy this prototype iPhone for the purpose of exploiting a security hole because they are not completely encrypted as the official version.

According to researcher Patrick Gray, theoretically, commercial iPhones cannot be extracted because they are equipped with a Secure Security Processor (SEP), which protects and prevents any interference. encrypted hardware.

An iPhone Prototype is interfered with specialized equipment.Photo: Motherboard.

Meanwhile, the prototype iPhone still has a 'port' to interfere inside because the SEP system is not completely encrypted. Therefore, depending on the level of SEP encryption, hackers can extract iOS source code and hardware information.

Hackers can sell data collected to the black market, police, who develop iPhone unlocking tools or even genuine Apple to get bonuses. The black market is the favorite place for hackers because it sells for a higher price. In 2016, a hacker discovered a security vulnerability on iOS but later rejected a bonus of up to hundreds of thousands of dollars from Apple.

The original iPhone X is for sale online.

Hackers can buy prototype iPhones from collectors, on the black market because of being leaked from the factory.

According to an anonymous security expert, an iPhone X Prototype model can be sold for about $ 1,800 (more than 42 million), and if you want to own a prototype iPhone XR, you can extract software information as well. and hardware hackers will have to spend up to 20,000 USD.

On the other hand, iPhone Prototypes have helped create the iPhone unlocking tool being used in law enforcement agencies. The most prominent is the FBI case that broke a terrorist's iPhone 5C in San Bernadino in 2016 thanks to Cellebrite's unlocking tool.

To ensure the original iPhones don't reveal too many secrets, Apple has established its own mechanism with many different layers of protection, even engineers in the same development team can't know the whole thing. In addition, Cupertino (USA) has strict rules and gives very heavy penalties, even dismissing employees who reveal secrets.