Apple secretly worked with a ‘Double Agent’ who snitched on other leakers in the community

Apple had been working with a member of the iPhone leakers and stolen prototypes trading community for a year to get information on other members of the community. This has been revealed as per a new report by Vice, which also wrote about how a 9to5Mac writer paid a leaker to gain access to Apple data.

The person referred to in both these reports is Andrey Shumeyko, known as YRH04E and JVHResearch online, who shared his story with Vice because he believed that Apple took advantage of him by getting him to provide information on other members of the community, but did not compensate him for his efforts.

Apple iPhone 12

Community member who sold stolen data worked with Apple to provide information on other leakers and sellers

Shumeyko worked with Apple’s Global Security team for a year, starting from mind-2020. This is the team that looks into leaks and how to stop them. This was around the same time that iOS 14 was leaked and websites like 9to5Mac and Macrumors were covering its features in detail. As it turns out, the leaked build came from a stolen iPhone 11 prototype that traded hands in China’s gray market. Apple, being the secrecy-focused company that it is, started investigating how a prototype with an early iOS 14 build made its way to the public.

Consisting of former FBI and U.S. intelligence members, Apple’s Global Security team was contacted by Shumeyko who offered assistance via email. He claimed to have information on the hardware suppliers who sold the phone and was willing to share these details with Apple.

“I think I found the mole who helped him orchestrate the thing,” Shumeyko wrote to Apple, referring to the iOS 14 leak and the person who allegedly purchased the stolen prototype. “I’ve identified which one of the 3 Chinese hardware suppliers sent him the phone. I’ve received a package from that same guy in the past (still have the DHL tracking number), and I have his phone number. Would any of the above be of any aid?”

This piqued the interest of Apple’s Global Security team, with a staff member responding to Shumeyko to get in touch. Being a community member himself who had been involved in selling stolen prototypes and data, Shumeyko saw this as an opportunity to ‘redeem’ himself in Apple’s eyes and help them catch the people responsible. In his email and online chats, he told Apple how he made a mistake by getting into the leak community. The irony is, he went back to his old ways once he realized that Apple would not be rewarding him for his help.

Shumeyko used his good standing and connections in the community to create and share a list with Apple with details of various people who were advertising stolen Apple prototypes on the Internet. This included personal information like phone numbers and WeChat IDs, as well as locations. Some of these people later received legal letters from Apple.

While working as a ‘double agent’ for Apple, Shumeyko kept his relationship with the company a secret. His intentions all along were to somehow get a financial reward from Apple for providing information. He made his intentions clear after a few months to Apple in an online chat:

“I know I’m very much a part of the problem that I’m trying to report, and I really hate to be the Karen of this story, but still, I’m determined to fully follow through with this and I’m sorry for being a huge inconvenience,” ​​Shumeyko told the Apple Global Security employee, according to the chats viewed by Motherboard. “I know you probably can’t answer all of my previous questions, so could you kindly get someone who can talk to me over email or this app? Again: 1) How helpful were the materials provided? 2) Should I try to obtain more information? 3) Do I get any protection at all as a whistleblower?”

However, he got no response to most of these questions. The Apple employees acknowledged his aid and asked him to continue to share more details.

In the summer of 2020, Shumeyko went back to his old ways of selling leaks. He was in touch with an Apple employee in Germany who was selling access to an internal Apple account used by employees that could provide valuable information. Shumeyko even revealed this to Apple, which led to that employee getting fired. Even after all this, he was not rewarded by Apple, which led him to leak the information gained from the terminated employee.

In response, Apple asked him to consult them before publishing any such thing to help protect the best interests of the company, its employees, and customers. However, Shumeyko is still involved in the leaks community due to his financial needs.

About the Author

Technology enthusiast, Internet addict, photography fan, movie buff, music aficionado.