Internal threats: How a Low-Level Apple Employee Leaked Some of the iPhone’s Most Sensitive Code

Insider threat - Apple- How a Low - Level Apple Employee Leaked Some of the iPhone's Most Sensitive Code

On Wednesday 9th february 2018, an anonymous person published the proprietary source code of a core and fundamental component of the iPhone’s operating system.

A user named “ZioShiba” posted the closed source code for iBoot—the part of iOS responsible for ensuring a trusted boot of the operating system—to GitHub, the internet’s largest repository of open source code.

An iPhone researcher called it the “biggest leak” in the history of the iPhone. The iBoot code is for iOS 9 and the code is two-years old. But even today, it could help iOS security researchers and the jailbreak community find new bugs and vulnerabilities in a key part of the iPhone’s locked-down ecosystem.

It’s an embarrassment for a company that prides itself in secrecy and aggressively goes after leaks and leakers.

How does something like this happen?

A low-level Apple employee with friends in the jailbreaking community took code from Apple while working at the company’s Cupertino headquarters in 2016, according to two people who originally received the code from the employee. Motherboard editors corroborated these accounts with text messages and screenshots from the time of the original leak and has also spoken to a third source familiar with the story.

The person took the iBoot source code—and additional code that has yet to be widely leaked—and shared it with a small group of five people.


More information about the insider threat incident in the news:


This is how a small group of friends lost control of the leaked iBoot source code. The story behind one of Apple’s most embarrassing leaks.


Cybersecurity Insiders 

Leaked iOS source code could spell trouble for Apple Inc.

Leaked iOS source code could spell trouble for Apple Inc.