The jailbreaking community has been around for a very long time. It’s not necessarily something Apple is a fan of, either. The company has been waging a push-and-pull battle with the community for as long as it’s been around, trying to keep a lid on secrets and exploits. Meanwhile, the community aims for a more open platform in general, offering up tweaks and much more for users who are interested in working outside of Apple’s walled garden.
However, an arm of that community also deals with illicitly traded Apple documentation, software in some instances, and hardware. It’s these areas that Apple is most interested in, with the company’s Global Security team tasked with finding these things, and the people responsible. In an effort to meet that goal, it’s no surprise to hear that the Global Security team has used “double agents” to gain an upper hand.
And today, thanks to a report from Motherboard, we get to hear one such story.
The publication states that it has verified the details of the jailbreaking community member’s story, so, as it stands right now, everything below appears to be the truth. With that in mind, it’s absolutely worth heading over to Motherboard and checking out the full story of Andrey Shumeyko, who has gone by the handles YRH04E and JVHResearch within the jailbreaking community.
Shumeyko says they “advertised leaked apps, manuals, and stolen devices for sale,” and dealt directly with many individuals willing to pay to get their hands on those materials and hardware. However, while they were doing all of this within the community, they were also reporting back to Apple. Shumeyko shared personal information regarding the people who sold stolen iPhone prototypes in countries like China, and even regarding Apple employees who leaked information online.
Shumeyko says he is coming forward now, after all this time, because he finally realized “that that relationship never took into consideration my side and me as a person.” Moreover, he says that Apple did not properly compensate him for the information he shared with the Global Security team. And, again, this all sounds legitimate, based on the report:
Shumeyko shared several pieces of evidence to back up his claims, including texts and an email thread between him and an Apple email address for the company’s Global Security team. Motherboard checked that the emails are legitimate by analyzing their headers, which show Shumeyko received a reply from servers owned by Apple, according to online records.
Shumeyko said he established a relationship with Apple’s anti-leak team—officially called Global Security—after he alerted them of a potential phishing campaign against some Apple Store employees in 2017. Then, in mid-2020, he tried to help Apple investigate one of its worst leaks in recent memory, and became a ‘mole,’ as he put it.
Shumeyko was a key figure, at least behind-the-scenes, regarding the early iOS 14 leak that occurred last year, before the mobile operating system had debuted. The jailbreaking community member reached out to Apple directly in May, offering up information about the person who had obtained the iPhone 11 with the early build of iOS 14 installed on it.
‘I think I found the mole who helped him orchestrate the thing,’ Shumeyko wrote to Apple, referring to the iOS 14 leak and the person who allegedly purchased the stolen prototype. ‘I’ve identified which one of the 3 Chinese hardware suppliers sent him the phone. I’ve received a package from that same guy in the past (still have the DHL tracking number), and I have his phone number. Would any of the above be of any aid?’
It didn’t take long before someone at Apple reached out to Shumeyko. And it appears that Shumeyko was upfront about the reasons why he was willing to work with Apple after being a member of the jailbreaking community for so long: redemption and money. He saw working with Apple as a way to try and redeem himself for being part of the community dealing with illicit material, but also hoped to get paid, too.
The information Shumeyko shared kept the channels between him and Apple open for more than a year.
Others in the jailbreaking community have opinions regarding Shumeyko:
‘He’s tweeted a lot with internal materials from Apple,’ one of the people in the Apple jailbreaking and internal community told Motherboard in an online chat. ‘I think he is widely trusted to be an original source of that information.’
Another person, who also asked to remain anonymous as he, too, is involved in the jailbreaking and internal communities and fears retaliation from Apple, told Motherboard that Shumeyko ‘was most definitely involved in that community and he most definitely had some level of access to things he shouldn’t have.’
Shumeyko tried to find out what Apple was doing in regards to the information he was sharing, allegedly trying to find out if it was “helping” or not. Per the original report:
‘I know I’m very much a part of the problem that I’m trying to report, and I really hate to be the Karen of this story, but still, I’m determined to fully follow through with this and I’m sorry for being a huge inconvenience,’ Shumeyko told the Apple Global Security employee, according to the chats viewed by Motherboard. ‘I know you probably can’t answer all of my previous questions, so could you kindly get someone who can talk to me over email or this app? Again: 1) How helpful were the materials provided? 2) Should I try to obtain more information? 3) Do I get any protection at all as a whistleblower?’
However, here was Apple’s reply, when Apple did reply, to those kinds of statements:
We appreciate the information you provide. Please feel encouraged to keep sharing what you have.
Which makes sense. Apple’s Global Security team isn’t going to go into detail regarding its responses to information that is being shared with it. That would potentially risk being able to continue to follow up on those reports at all. Apple’s GS team can’t go into detail about how it functions, even to the people sharing information.
Shumeyko did learn about one instance of his actions having real world consequences, though:
In the summer of 2020, Shumeyko told his Apple Global Security contact that he’d been in touch with an Apple employee in Germany who worked on Apple Maps. Shumeyko alleged that the employee was offering to sell access to an internal Apple account used by employees to log in to their corporate emails and intranet. Shumeyko said he always kept contact with the employee, who eventually told him that he’d gotten fired.
Shumeyko said he was hoping that by helping Apple, the company would help him in return. But that, he said, never happened. And he’s now questioning whether he should have helped in the first place.
‘Now it feels like I ruined someone for no good reason, really,’ Shumeyko told me, referring to the Apple employee in Germany.
It’s an interesting read, and absolutely worth the time to check out. Head over to Motherboard to learn more about this tale of a double agent within the jailbreaking community.