Security Researcher Allegedly Exploited Internal Apple Tool to Steal Millions

by

A security researcher who reported bugs to Apple was arrested in January for defrauding the company out of millions of dollars, according to a report from 404 Media.

bug security vulnerability issue fix larry
The researcher, Noah Roskin-Frazee, was accused alongside a co-conspirator obtaining over $3 million in products and services through more than two dozen fraudulent orders. That included around $2.5 million in gift cards and over $100,000 in "products and services."

While Apple is not explicitly named in the court records, an unnamed "Company A" is located in Cupertino, California, and is clearly Apple. The court mentions that one of the perpetrators used gift cards to "purchase Final Cut Pro on Company A's App Store," and Apple is the only company that sells the software.

In 2019, Frazee and his accomplice used a password reset tool to gain access to an employee account that belonged to an unnamed "Company B," which does customer support for Apple. That account led to access to additional employee credentials, and Frazee accessed Company B's VPN servers. From there, Frazee was able to get into Apple's systems, placing fraudulent orders for Apple products.

He used Apple's "Toolbox" program that could be used to edit orders after they were placed, and he changed order values to zero, added products to orders, and extended AppleCare contracts. He abused Apple's program from January to March 2019.

The defendants remoted into computers located in India and Costa Rica as part of the scheme, the indictment adds. The scam itself involved changing order monetary values to zero, adding products to existing orders without cost such as phones and laptops, and extending existing service contracts, the indictment adds. That included extending a customer service contract that was associated with one of the defendants and his family for an extra two years without paying.

Apple thanked Frazee for in a January support document for finding several bugs in macOS Sonoma, and the document was published less than two weeks after he was arrested. "We would like to acknowledge Noah Roskin-Frazee and Prof. J. (ZeroClicks.ai Lab) for their assistance," reads Apple's page in reference to a Wi-Fi vulnerability.

Frazee has been charged with wire fraud, mail fraud, conspiracy to commit wire fraud and mail fraud, conspiracy to commit computer fraud and abuse, and intentional damage to a protected computer. He will be required to forfeit all of the stolen goods, and he could be sentenced to more than 20 years in jail if convicted.

Popular Stories

iOS 26

15 New Things Your iPhone Can Do in iOS 26.2

Friday December 5, 2025 9:40 am PST by
Apple is about to release iOS 26.2, the second major point update for iPhones since iOS 26 was rolled out in September, and there are at least 15 notable changes and improvements worth checking out. We've rounded them up below. Apple is expected to roll out iOS 26.2 to compatible devices sometime between December 8 and December 16. When the update drops, you can check Apple's servers for the ...
Read Full Article50 comments
Intel Inside iPhone Feature

Apple's Return to Intel Rumored to Extend to iPhone

Friday December 5, 2025 10:08 am PST by
Intel is expected to begin supplying some Mac and iPad chips in a few years, and the latest rumor claims the partnership might extend to the iPhone. In a research note with investment firm GF Securities this week, obtained by MacRumors, analyst Jeff Pu said he and his colleagues "now expect" Intel to reach a supply deal with Apple for at least some non-pro iPhone chips starting in 2028....
Read Full Article151 comments
ive and altman

Jony Ive's OpenAI Device Barred From Using 'io' Name

Friday December 5, 2025 6:22 am PST by
A U.S. appeals court has upheld a temporary restraining order that prevents OpenAI and Jony Ive's new hardware venture from using the name "io" for products similar to those planned by AI audio startup iyO, Bloomberg Law reports. iyO sued OpenAI earlier this year after the latter announced its partnership with Ive's new firm, arguing that OpenAI's planned "io" branding was too close to its...
Read Full Article55 comments
iPhone 17 Pro Cosmic Orange

10 Reasons to Wait for Next Year's iPhone 18 Pro

Monday December 1, 2025 2:40 am PST by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models at the same time, which is why we often get rumored features months ahead of launch. The iPhone 18 series is no different, and we already have a good idea of what to expect for the iPhone 18 Pro and iPhone 18 Pro Max. One thing worth...
Read Full Article107 comments
iPhone 14 Pro Dynamic Island

iPhone 18 Pro Leak Adds New Evidence for Under-Display Face ID

Monday December 8, 2025 4:54 am PST by
Apple is actively testing under-screen Face ID for next year's iPhone 18 Pro models using a special "spliced micro-transparent glass" window built into the display, claims a Chinese leaker. According to "Smart Pikachu," a Weibo account that has previously shared accurate supply-chain details on Chinese Android hardware, Apple is testing the special glass as a way to let the TrueDepth...
Read Full Article61 comments
Photos App Icon Liquid Glass

John Gruber Shares Scathing Commentary About Apple's Departing Software Design Chief

Thursday December 4, 2025 9:30 am PST by
In a statement shared with Bloomberg on Wednesday, Apple confirmed that its software design chief Alan Dye will be leaving. Apple said Dye will be succeeded by Stephen Lemay, who has been a software designer at the company since 1999. Meta CEO Mark Zuckerberg announced that Dye will lead a new creative studio within the company's AR/VR division Reality Labs. On his blog Daring Fireball,...
Read Full Article318 comments
maxresdefault

iPhone Fold: Launch, Pricing, and What to Expect From Apple's Foldable

Monday December 1, 2025 3:00 am PST by
Apple is expected to launch a new foldable iPhone next year, based on multiple rumors and credible sources. The long-awaited device has been rumored for years now, but signs increasingly suggest that 2026 could indeed be the year that Apple releases its first foldable device. Subscribe to the MacRumors YouTube channel for more videos. Below, we've collated an updated set of key details that ...
Read Full Article56 comments
Johny Srouji

Apple Chip Chief Johny Srouji Could Be Next to Go as Exodus Continues

Sunday December 7, 2025 10:41 am PST by
Apple's senior vice president of hardware technologies Johny Srouji could be the next leading executive to leave the company amid an alarming exodus of leading employees, Bloomberg's Mark Gurman reports. Srouji apparently recently told CEO Tim Cook that he is "seriously considering leaving" in the near future. He intends to join another company if he departs. Srouji leads Apple's chip design ...
Read Full Article378 comments
Apple John Ternus 2019

Will John Ternus Really Be Apple's Next CEO?

Friday December 5, 2025 9:01 am PST by
There is uncertainty about Apple's head of hardware engineering John Ternus succeeding Tim Cook as CEO, The Information reports. Some former Apple executives apparently hope that a new "dark-horse" candidate will emerge. Ternus is considered to be the most likely candidate to succeed Cook as CEO. The report notes that he is more likely to become CEO than software head chief Craig Federighi, ...
Read Full Article182 comments
ios 18 to ios 26 upgrade

Apple Pushes iPhone Users Still on iOS 18 to Upgrade to iOS 26

Tuesday December 2, 2025 11:09 am PST by
Apple is encouraging iPhone users who are still running iOS 18 to upgrade to iOS 26 by making the iOS 26 software upgrade option more prominent. Since iOS 26 launched in September, it has been displayed as an optional upgrade at the bottom of the Software Update interface in the Settings app. iOS 18 has been the default operating system option, and users running iOS 18 have seen iOS 18...
Read Full Article277 comments

Top Rated Comments

swingerofbirch Avatar
swingerofbirch
24 months ago

If found guilty, I hope he has to serve the max sentence allowed. What a scum bag.
Steve Jobs and Steve Wozniak sold blue boxes that hacked the telephone companies to allow people to make free, illegal long distance calls.

And then of course Steve Jobs was involved in the unreported backdating stock options scandal in which he tried to make off with $20 million that would have gone unreported to the IRS if Apple hadn't finally come clean. They admitted to fraudulently concocting a board meeting that never happened during which the stock options were supposedly signed off on.

This is a cut-throat company that has dealt in treachery as a business model from the beginning. I don't lose sleep over them being the victim of the same deceit they practice.
Score: 37 Votes (Like | Disagree)
antiprotest Avatar
antiprotest
24 months ago
He should get $10,000 reduced from his sentence as a bounty for finding the security issue.
Score: 21 Votes (Like | Disagree)
Apple_Robert Avatar
Apple_Robert
24 months ago
If found guilty, I hope he has to serve the max sentence allowed. What a scum bag.
Score: 11 Votes (Like | Disagree)
japanime Avatar
japanime
24 months ago

Whoever could company “a” be? Hint hint.
I'm more interested in finding out who "Company B" is. Would be nice to know to whom (and where) Apple is outsourcing its support.
Score: 8 Votes (Like | Disagree)
MacTwick Avatar
MacTwick
24 months ago
When I worked at Apple during covid I had Toolbox and SAP access. In the course of 6 months I ended up giving away probably $20,000 worth of free stuff by making the price $0.00 (It was my job to give stuff away for customer service/ customer relation cases). The amount of stuff given away was watched very closely, so I'm super surprised it hit the millions in this case without getting caught.
Score: 8 Votes (Like | Disagree)
xizdun Avatar
xizdun
24 months ago

perpetrators used gift cards to "purchase Final Cut Pro on Company A's App Store ('https://www.macrumors.com/guide/app-store/')," and Apple is the only company that sells the software.
looool. That cracked me up. Prosecutors doing a search-and-replace for "Apple" and "Company A". ??
Score: 6 Votes (Like | Disagree)
Read All Comments