In February, the so-called early preview version of iOS 14 was circulating in the iPhone Jailbreak and Hacking Circle. Reports say the software is suspected to have flowed out of domestic supply chain partners, and while such leaks are not unusual, it is the first Apple software to be leaked months before its release. Motherboard, citing people familiar with the matter, said they suspectsome people will at some point buy an early device for “tens of thousands of dollars” and then extract an older version of iOS 14 (timestamp december 2019).
Independent security researchers also confirmed to Motherboard that they had studied an earlier version of iOS 14 to identify vulnerabilities at an early date. As is customary, Apple will soon announce many of the changes that iOS 14 brings.
Motherboard also noted that there is a hashtag called #AppleInternals on Twitter. Once you’ve clicked in, you can see multiple accounts that are selling iOS 14 early code.
Two anonymous netizens confirmed to the media that they had been exposed to the compromised code. One of them also claimed to have made a full copy of the device with root access enabled. Given Apple’s tough stance, security researchers don’t expect Apple to comment.
In fact, as early as 2019, an investigation found a gray market area for “illegalsmuggling” of Apple devices. Resold devices are used by some people to research, detect, and exploit vulnerabilities against iOS.
In addition, since February, there has been a steady stream of revelations about the upcoming Apple hardware and related features implied in iOS, and it’s not hard to guess that the leaks originated from the iOS 14 build mentioned above.
Ryan Duff, sixGEN’s director of network products, said the incident meant Apple was hit by a serious process control vulnerability that was deteriorating over time.