Apple iCloud

Apple’s iMessage service is regarded as one of the more secure messaging services on the market. iMessage provides end to end encryption for user messages, meaning only the sender or receiver can unlock a text.

The weakness in Apples system appears when a phone has iMessage backups on, all of a users texts are uploaded to the iCloud. Giving users the choice to download messages when they change iPhone, means that encryption is not enforced on these backups. When iMessage backups are turned on, Apple can unlock show these texts to the government, if they come with a valid warrant.

According to a recently unsealed search warrant, a crew of alleged dark web vendors operating out of Virginia and shipping opioids around Washington D.C., used iMessage.

The document details an investigation launched in 2020, when Alexandria, V.A., police looked through the iPhone of a confidential source. This revealed iMessage contacts with members of the alleged crew.

The police served Apple with a search warrant for a number of iCloud accounts, scores of iMessages were revealed, these messages showed the manufacture of fentanyl and carfentanil (opioids believed to be 5,000 times more potent than heroin), the quality of pills and their potency, according to the warrant. A search of the informants phone showed purchases of fentanyl across dark web markets, including the now defunct AlphaBay market (once the biggest dark web drug market). Images of what appear to be pills were also in the iMessages, and one of the suspect’s iClouds also included lists of pill ingredients.

Messages from Apple iCloud

Apple iMessage

The defendants in the dark web conspiracy were arrested earlier in February 2021, though they have not filed a plea and they are innocent until proven guilty.

Apple has focused on usability of it’s iCloud service rather than total security. This means that if a user changes iPhone and wants all their old iMessages, Apple has to store them without encryption. Other messaging apps like WhatsApp, also operate this way.

Apple allegedly considered making iClouds harder for police to access. Though the FBI allegedly requested that iCloud messages should remain accessible.