Jailbreaking community member said he served as a 'spy' for Apple
An active member of the Apple jailbreak and leaking community reportedly served as a "double agent" and spied for the Cupertino tech giant's security team.
Credit: Giles Lambert/Unsplash
Andrey Shumeyko, who goes by handles JVHResearch and YRH04E, advertised leaked Apple apps, internal company documents, and stolen devices to a community that traded in such commodities. However, unbeknownst to others in the community, he also shared a wealth of details about its inner workings to Apple.
According to Motherboard, Shumeyko reportedly provided Apple with the personal information of people who sold stolen prototype devices and Apple employees who leaked information online. He also informed Apple of journalists who maintained relationships with leakers and any other details he thought the company might want to know about.
Shumeyko said he is sharing his story because he felt like Apple took advantage of him and didn't compensate him for the information that he provided to the company's Global Security team.
Motherboard verified the authenticity of Shumeyko's evidence, including emails with the Global Security team that originated from servers owned by Apple.
Shumeyko first established a relationship with Apple's Global Security team, which investigates leaks and is staffed with former intelligence and military personnel, in 2017. At the time, he alerted the team of a potential phishing campaign against Apple Store employees. Then, in mid-2020, Shumeyko says he served as a "mole" and tried to help Apple investigate some of its worst leaks.
For example, Shumeyko reportedly reached out to Apple's Global Security team and offered details about the iOS 14 leak -- including the person who allegedly purchased the prototype iPhone, security researchers who received copies of the build, and a handful of people in China who traded in stolen prototypes.
Shumeyko said he was willing to share information with Apple to try and redeem his past actions leaking information. A well-respected member of the leaking and jailbreaking community, other members said they had no idea that Shumeyko was acting as a mole for Cupertino.
At another point, the leaker also provided Apple with information after an employee allegedly sold access to an internal Apple account. Shumeyko believed that this information would entitle him to a reward, but no such compensation came.
"Now it feels like I ruined someone for no good reason, really," Shumeyko told Motherboard in reference to the Apple employee.
Weeks later, after being frustrated about the lack of compensation, Shumeyko sold the internal information to 9to5Mac, which wrote an article about it.
The leaker apologized almost immediately to Apple Global Security, who told him that he should consult the team before publishing anything else.
"Please understand that our goal is to protect Apple. All our actions are guided by the premise of what is best for the company, our employees, and our customers (of which you are one). Therefore your help-- and insights-- in understanding possible threats to us are very important," the Apple Global Security Team said in an email. "My personal advice is that you continue to do the right things so that you can build a positive image for yourself. Do the right things to protect Apple. Keep it that way, you will be proud of yourself, so will we."
Apple is well-known for its secrecy culture, but its response to leakers has largely been shrouded in mystery in recent years. Earlier in 2020, however, reports indicated that the company was ramping up its anti-leak efforts in China, where there is a thriving gray market for stolen prototypes and internal software.
In a cease and desist letter addressed to a Chinese citizen in June, Apple said that leaks of unreleased products or hardware "harm the interests of consumers and Apple."
Read on AppleInsider
Credit: Giles Lambert/Unsplash
Andrey Shumeyko, who goes by handles JVHResearch and YRH04E, advertised leaked Apple apps, internal company documents, and stolen devices to a community that traded in such commodities. However, unbeknownst to others in the community, he also shared a wealth of details about its inner workings to Apple.
According to Motherboard, Shumeyko reportedly provided Apple with the personal information of people who sold stolen prototype devices and Apple employees who leaked information online. He also informed Apple of journalists who maintained relationships with leakers and any other details he thought the company might want to know about.
Shumeyko said he is sharing his story because he felt like Apple took advantage of him and didn't compensate him for the information that he provided to the company's Global Security team.
Motherboard verified the authenticity of Shumeyko's evidence, including emails with the Global Security team that originated from servers owned by Apple.
Shumeyko first established a relationship with Apple's Global Security team, which investigates leaks and is staffed with former intelligence and military personnel, in 2017. At the time, he alerted the team of a potential phishing campaign against Apple Store employees. Then, in mid-2020, Shumeyko says he served as a "mole" and tried to help Apple investigate some of its worst leaks.
For example, Shumeyko reportedly reached out to Apple's Global Security team and offered details about the iOS 14 leak -- including the person who allegedly purchased the prototype iPhone, security researchers who received copies of the build, and a handful of people in China who traded in stolen prototypes.
Shumeyko said he was willing to share information with Apple to try and redeem his past actions leaking information. A well-respected member of the leaking and jailbreaking community, other members said they had no idea that Shumeyko was acting as a mole for Cupertino.
At another point, the leaker also provided Apple with information after an employee allegedly sold access to an internal Apple account. Shumeyko believed that this information would entitle him to a reward, but no such compensation came.
"Now it feels like I ruined someone for no good reason, really," Shumeyko told Motherboard in reference to the Apple employee.
Weeks later, after being frustrated about the lack of compensation, Shumeyko sold the internal information to 9to5Mac, which wrote an article about it.
The leaker apologized almost immediately to Apple Global Security, who told him that he should consult the team before publishing anything else.
"Please understand that our goal is to protect Apple. All our actions are guided by the premise of what is best for the company, our employees, and our customers (of which you are one). Therefore your help-- and insights-- in understanding possible threats to us are very important," the Apple Global Security Team said in an email. "My personal advice is that you continue to do the right things so that you can build a positive image for yourself. Do the right things to protect Apple. Keep it that way, you will be proud of yourself, so will we."
Apple is well-known for its secrecy culture, but its response to leakers has largely been shrouded in mystery in recent years. Earlier in 2020, however, reports indicated that the company was ramping up its anti-leak efforts in China, where there is a thriving gray market for stolen prototypes and internal software.
In a cease and desist letter addressed to a Chinese citizen in June, Apple said that leaks of unreleased products or hardware "harm the interests of consumers and Apple."
Read on AppleInsider
Comments
So which is it, is he trying to redeem his past actions or cash in? Don’t get mad because Apple treated him like the scumbag that he is.
"'Now it feels like I ruined someone for no good reason, really,' Shumeyko told Motherboard in reference to the Apple employee."
Or to say the same horrible thing another way...
"It would have been good to ruin someone, had I gotten paid for it."
Holy cow! How you feel about others depends on whether you got paid to nail them?
Hiring amoral "will do anything for cash" people like this to stop leaks and prototype sales is clearly a defense of "the ends justify the means." But in fact, the ends do not justify the means. Quite disappointed to hear this news.
Clearly this guy is in the wrong for reasons I've already stated, but the extend of the Apple relationship is not crystal clear.
It looks very much like a story looking to cash in on the circuitous 'Apple in the news' graft. Shockingly it worked again. His name is now out there, he gets time on the Apple "fan" circuit, maybe he gets column somewhere on that circuit, those looking to clutch their pearls get to cautiously clutch their pearls on a story that otherwise means nothing, and the next and even better shocking! story(graft) is coming up tomorrow or the next day. Rinse and repeat...