This Respected Security Researcher Stole $2.5 Million From Apple

February 8, 2024

A well-respected security researcher has been indicted in a scheme that allowed him and his cohorts to steal tens of millions of dollars of Apple gift cards, products, and services. The twist to the story is that just days after being indicted in the scheme, Apple thanked him in the notes for one of its operating system security releases!

The security researcher in question, Noah Roskin-Frazee, is affiliated with ZeroClicks.ai Lab. He has been praised by Apple for identifying software vulnerabilities that led to patches being developed for the flaws. However, the software vulnerabilities Roskin-Frazee was thanked for finding had nothing to do with the security vulnerabilities he allegedly used to steal $2.5 million worth of Macs, iPhones, and gift cards.

As reported by 404Media, Roskin-Frazee found a vulnerability in Toolbox, a backend system that Apple uses to place orders on hold. While on hold, these orders can still be edited.

Roskin-Frazee and his alleged co-conspirator, Keith Latteri, used a password reset tool to gain access to an employee account of an outside contractor who aided Apple with customer support. Once they were able to access the employee’s credentials, they were able to access Apple’s systems, placing fraudulent orders for Apple devices and gift cards.

The pair began placing the fraudulent orders in December 2018, continuing until at least March 2019.

Once in the system, the pair would create and edit orders, adding products, including iPhones and Macs, and then changing the price of the products to zero. The larcenous duo would also order gift cards to be used in Apple retail stores or resold.


While the duo used false identities and drop shipping addresses for the delivery of the physical products, one of the pair took the opportunity to grab two-year extensions of existing AppleCare memberships for himself and family members.

While the indictment doesn’t mention Apple by name, the description of “Company A” is clearly Apple. From the 404Media report:

Company A is headquartered in Cupertino, California, and “developed, manufactured, licensed, supported and sold computer software, consumer electronics, personal computers, and services,” the indictment reads. Later on, the document mentions one of the defendants using gift cards to “purchase FinalCut Pro on Company A’s app store.” FinalCut Pro is Apple’s video editing software, which costs $299.99. The only way to buy it online officially is through Apple’s App Store.

Lawyers for both Latteri and Roskin-Frazee did not respond to a request for comment from 404Media.

As if that wasn’t enough, a little less than two weeks after Roskin-Frazee was arrested, Apple thanked him on its website for finding security vulnerabilities in several recent operating system releases, including macOS 14.2 Sonoma, iOS/iPadOS 17.3, watchOS 10.3, and tvOS 17.3.

We would like to acknowledge Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab) for their assistance.

Roskin-Frazee has also been acknowledged in the past for helping to find vulnerabilities in macOS Ventura 13.6.4 and macOS Monterey 12.7.3.

ZeroClicks.ai Lab is a security research company that listed Roskin-Frazee as one of two principals on its website, alongside “Professor J.” However, the site appears to be offline as of this writing.


“Bridging the gap between vulnerability and security, ZeroClicks is a research blog dedicated to the security community,” the website previously read. “We unveil new Zero Day findings and vulnerabilities, all discovered with the help of AI. The concept of “Zero Clicks” embodies the dual nature of cybersecurity, representing both the threats we face and the solutions we seek.”

A Twitter account under Roskin-Frazee’s name also lists him as a “certified Apple technician.”


