Hackers use stolen Dev-Fused prototypes iPhones to probe security and develop iOS exploits

Hackers and security researchers use stolen “dev-fused” iPhones to discover how systems and sensitive components in the iOS function.

The “dev-fused” iPhones created for internal use at Apple.  These dev-fused iPhones have not finished the production process and have many security features disabled. Motherboard describes them as “pre-jailbroken devices.”

Dev-fused iPhones are smuggled out of Apple where they can sell for thousands of dollars on the gray market. These iPhones are incredibly valuable due to the fact that they can be used to locate vulnerabilities able to impact release versions of the iPhone.

Motherboard spent months researching dev-fused iPhones, talking to more than two dozen sources ranging from security researchers and Apple employees to rare phone collectors and jailbreakers, and found that researchers, hackers, and high-profile companies like Cellebrite or GrayKey use these dev-fused iPhones to uncover bugs that can later be exploited by law enforcement agencies.

Motherboard was able to find someone on Twitter who sells dev-fused iPhones, with a dev-fused iPhone X priced at around $1,800. The seller said that he’s provided dev-fused iPhones to several security researchers and that he believes major security firms that hack iPhones also use them. Other sellers offer dev-fused iPhones at higher prices, and Motherboard found an iPhone XR priced at $20,000.

Dev-fused iPhones are paired with a proprietary Apple cable called Kanzi that can cost upwards of $2,000, that, when plugged into a Mac, provides access to internal Apple software that offers root access to the phone.

Apple is said to be aware of the dev-fused unit trading, report sources within the company reveal, with Apple stepping up its efforts to prevent the units from leaving Foxconn and other facilities and into the hands of unauthorized users. Notably, Solnik was hired by Apple to work on its “red team” in 2017 following his talk, but left the company within weeks, for unknown reasons that are apparently “incredibly restricted” even from Apple employees.