Skip to main content

Review goes hands-on w/ a fake $100 iPhone X & the grave security holes that come with it

The market of counterfeit Apple products has been well documented in the past, with offerings ranging from knockoff AirPods to deceivingly well-designed Apple Watch clones. Now, a new report from Motherboard examines a counterfeit iPhone X purchased for $100…

Right off the bat, in terms of design, the counterfeit iPhone X largely resembles one you’d buy from an Apple Store:

The phone looks like an iPhone X. It has the same form factor, most of the same detailing, no home button, the same volume rockers and side buttons, a working Lightning port, and the same speaker holes on the bottom of the phone. It also has pentalobe screws on the bottom of the device, just like an iPhone.

The packaging is also eerily similar, with the same “Designed by Apple in California” branding and a paper insert explaining how to use Face ID. There’s even an IMEI number printed on the side of the box that corresponds to a legitimate iPhone X.

Once you turn the device on, however, it becomes abundantly clear that this is not the real deal. The notch along the top is purely software-created, while the display doesn’t actually extend all the way to the bottom of the chassis.

Perhaps one of the most humorous parts of the setup process on this “iPhone X” was setting up Face ID:

I clicked over to Face ID in the settings menu, clicked “Add a Face ID,” and was hilariously bounced over to the camera, which did manage to draw a green box around my face. It said “Face Added,” and closed. I was then able to unlock the phone with my face. So was literally anyone else who put their face in front of the phone.

Elsewhere throughout the OS, it’s abundantly clear the device runs a skinned version of Android. The so-called App Store crashes regularly, displaying a popup that reads “Google Play Store” has crashed. Opening “Apple Maps” actually just opens Google Maps, “Podcasts” opens the YouTube app, and more.

Most importantly of all, however, are the grave security concerns that come with using a device like this. Motherboard worked with Trail of Bits researcher Chris Evans to break down just how insecure this counterfeit iPhone X really is:

According to Evans, the phone runs a version of Android with a patchwork of code taken from several different sources. The phone is also loaded with backdoors and malicious apps.

The apps, which appear to come from several different online sources, is where it “gets really bad,” as Evans put it in the report shared with Motherboard. Security features such as permissions, regulation, or sandboxing (which keep a vulnerability in one app from affecting other parts of the phone) are “almost non-existent.”

Several of the stock fake Apple apps such as Compass, Stocks, Clock ask for “invasive permissions,” such as reading text messages. It’s unclear if this is a sign that the developers were mediocre or malicious, Evans wrote.

While you might not ever be in the position of accidentally (or purposefully) buying a counterfeit iPhone X, it’s incredibly clear there is a market for such a device. The one highlighted by Motherboard was purchased in Shenzhen, China, and that $100 price tag makes it an enticing, but unwise purchase, for someone looking to get an iPhone X-esque design on a budget.

Read Motherboard’s full piece for additional details.


Subscribe to 9to5Mac on YouTube for more Apple news:

FTC: We use income earning auto affiliate links. More.

You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Comments

Author

Avatar for Chance Miller Chance Miller

Chance is the editor-in-chief of 9to5Mac, overseeing the entire site’s operations. He also hosts the 9to5Mac Daily and 9to5Mac Happy Hour podcasts.

You can send tips, questions, and typos to chance@9to5mac.com.

Manage push notifications

notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications
notification icon
We would like to show you notifications for the latest news and updates.
notification icon
You are subscribed to notifications