Counterfeit iPhone X Discovered Running iOS-Skinned Android Riddled With Backdoors And Malware

If it sounds too good to be true, it probably is. Smartphone users know that there are hordes of counterfeit devices and apps out there that are meant to give nefarious parties access to your device and personal information. In the case of counterfeit devices, they often have the same general appearance as their intended target, but often miss the mark in some glaring areas. Such is the case with this Apple iPhone X counterfeit device that was discovered for sale in China at a low, low price of $100 (compared to the $999 starting MSRP for the real deal).

At that price, you would assume that something is amiss, but the device looked so much like an iPhone in style and in software, that it was hard to tell, at first glance. Ultimately, security researchers took the device and probed it to find out what made it tick and just how secure it was. The device arrived in a white box that looked like an iPhone box, but with images and text said to be a little blurry.

The alleged iPhone X has the same volume rockers, the same side buttons, a working Lightning port, and what appeared to be the same pentalobe screws that a real iPhone has (they weren’t). It even had instructions telling users how to setup Face ID and an IMEI number that resolved as an iPhone X.

Apple logos show when the device boots and the menus look very much like iPhone menus according to reports. At some point in fiddling with the device, Motherboard notes that the “App Store” on the faux iPhone X crashed and the error message given said that “Google Play” had crashed and the infamous notch was software-generated. 

A comprehensive probe of the phone revealed that the device ran a version of Android with code from several unidentified sources. The researchers also noted that the device was riddled with backdoors and malicious apps. Researchers found fake stock iOS apps on the device like Compass, Stocks, and Clock that asked for invasive permissions like the ability to read texts. The researchers weren’t sure if that means the developers were just not that good at what they did or if the device was intentionally malicious.

The “mishmash” of default apps are “horribly insecure” and the researchers noted that they could be outright malicious. Evidence was also found of a “wide range of backdoors” that could have been written by several developers. The fake Safari app, for instance, uses custom libraries to open a backdoor and allow code to be run on the device remotely. Another software package called ADUPS made by a Chinese firm provides OTA updates and is widely considered a backdoor.