Man
Professional
- Messages
- 2,956
- Reaction score
- 477
- Points
- 83
Security researcher Noah Roskin-Frazee, who helped Apple find a Wi-Fi vulnerability, has been arrested for fraud and defrauding the company of $3 million. Frazee and an accomplice stole $2.5 million in Apple gift cards and merchandise worth more than $100,000.
The court documents don't directly name Apple, but they do list "Company A," which is based in Cupertino. The court also notes that one of the perpetrators used gift cards to "purchase Final Cut Pro from the App Store," and Apple is the only company that sells that software.
In 2019, Frazee and an accomplice used a password reset tool to gain access to an employee account that belonged to an unnamed “Company B,” which supports Apple customers. This allowed them to access additional employee credentials, including Company B’s VPN servers.
Thanks to this, Frazee was able to get into Apple's systems, placing fraudulent orders for Cupertino equipment. He used the Toolbox program, which is needed to edit orders after they were placed. The fraudster reset the cost of the orders, added other products, and extended AppleCare insurance for himself and his accomplice. All this happened between January and March 2019.
Frazee was charged with mail fraud, conspiracy to commit wire and money order fraud, conspiracy to commit computer fraud, and intentionally damaging a protected computer.
The researcher now faces more than 20 years in prison and confiscation of illegally obtained goods.
In January, Apple thanked Frazee for discovering several bugs in macOS Sonoma, and the document was published less than two weeks after his arrest.
Source
The court documents don't directly name Apple, but they do list "Company A," which is based in Cupertino. The court also notes that one of the perpetrators used gift cards to "purchase Final Cut Pro from the App Store," and Apple is the only company that sells that software.
In 2019, Frazee and an accomplice used a password reset tool to gain access to an employee account that belonged to an unnamed “Company B,” which supports Apple customers. This allowed them to access additional employee credentials, including Company B’s VPN servers.
Thanks to this, Frazee was able to get into Apple's systems, placing fraudulent orders for Cupertino equipment. He used the Toolbox program, which is needed to edit orders after they were placed. The fraudster reset the cost of the orders, added other products, and extended AppleCare insurance for himself and his accomplice. All this happened between January and March 2019.
Frazee was charged with mail fraud, conspiracy to commit wire and money order fraud, conspiracy to commit computer fraud, and intentionally damaging a protected computer.
The researcher now faces more than 20 years in prison and confiscation of illegally obtained goods.
In January, Apple thanked Frazee for discovering several bugs in macOS Sonoma, and the document was published less than two weeks after his arrest.
Source