
This Respected Security Researcher Stole $2.5 Million From Apple

February 8, 2024

A well-respected security researcher has been indicted in a scheme that allowed him and his cohorts to steal tens of millions of dollars of Apple gift cards, products, and services. The twist to the story is that just days after he was indicted in the scheme, Apple thanked him in the notes for one of its operating system security releases!

The security researcher in question, Noah Roskin-Frazee, is affiliated with ZeroClicks.ai Lab. He has been praised by Apple for identifying software vulnerabilities that led to patches being developed for the flaws. However, the software vulnerabilities Roskin-Frazee was thanked for finding had nothing to do with the security vulnerabilities he allegedly used to steal $2.5 million worth of Macs, iPhones, and gift cards.

As reported by 404Media, Roskin-Frazee discovered a vulnerability in Toolbox, a backend system that Apple uses to place orders on hold. While on hold, these orders can still be edited.

Roskin-Frazee and his alleged co-conspirator, Keith Latteri, used a password reset tool to gain access to an employee account of an outside contractor who aided Apple with customer support. Once they had the employee’s credentials, they were able to access Apple’s systems and place fraudulent orders for Apple devices and gift cards.

The pair began placing the fraudulent orders in December 2018, continuing until at least March 2019.

Once in the system, the pair would create and edit orders, adding products, including iPhones and Macs, and then changing the price of the products to zero. The larcenous duo would also order gift cards to be used in Apple retail stores or resold.


While the duo used false identities and drop shipping addresses for the delivery of the physical products, one of the pair took the opportunity to grab two-year extensions of existing AppleCare memberships for himself and family members.

While the indictment doesn’t mention Apple by name, the description of “Company A” is clearly Apple. From the 404Media report:

Company A is headquartered in Cupertino, California, and “developed, manufactured, licensed, supported and sold computer software, consumer electronics, personal computers, and services,” the indictment reads. Later on, the document mentions one of the defendants using gift cards to “purchase FinalCut Pro on Company A’s app store.” FinalCut Pro is Apple’s video editing software, which costs $299.99. The only way to buy it online officially is via Apple’s App Store.

Lawyers for both Latteri and Roskin-Frazee didn’t respond to a request for comment from 404Media.

As if that wasn’t enough, a little less than two weeks after Roskin-Frazee was arrested, Apple thanked him on its website for finding security vulnerabilities in several recent operating system releases, including macOS 14.2 Sonoma, iOS/iPadOS 17.3, watchOS 10.3, and tvOS 17.3.

We would like to acknowledge Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab) for their assistance.

Roskin-Frazee has also been acknowledged in the past for helping to find vulnerabilities in macOS Ventura 13.6.4 and macOS Monterey 12.7.3.

ZeroClicks.ai Lab is a security research company that listed Roskin-Frazee as one of two principals on its website, alongside “Professor J.” However, the site appears to be offline as of this writing.


“Bridging the gap between vulnerability and security, ZeroClicks is a research blog dedicated to the security community,” the website previously read. “We unveil new Zero Day findings and vulnerabilities, all discovered with the assistance of AI. The concept of “Zero Clicks” embodies the dual nature of cybersecurity, representing both the threats we face and the solutions we seek.”

A Twitter account under Roskin-Frazee’s name also lists him as a “certified Apple technician.”


