Security Experts:

Corellium: Apple Sued Us After Failed Acquisition Attempt

Florida-based virtualization company Corellium claims that the copyright infringement lawsuit filed by Apple comes in response to a failed acquisition attempt.

Corellium provides a virtual iPhone that can be used to find vulnerabilities and other types of bugs, and to test the functionality of mobile applications on different versions of the iPhone and the iOS operating system.

In a complaint filed in mid-August, Apple claimed Corellium was not authorized to copy its products.

Corellium submitted a response to the lawsuit in late October, but the version of the document that was made public at the time was heavily redacted.

Corellium on Thursday informed SecurityWeek that it has also filed an unredacted version of the document, along with a statement in response to Apple’s lawsuit.

“Apple has been aware of our ground-breaking technology since the company was founded, and at any point in the past two years, Apple could have notified us of their concerns. We think Apple’s lawsuit is driven by its own business interests rather than a genuine belief that we violated any of its rights,” Corellium stated.

The redacted version of the document showed that Apple had attempted to acquire Corellium’s predecessor, a company named Virtual, which provided similar technology and was eventually sold to Citrix. However, the unredacted version of the lawsuit response reveals that Apple made subsequent attempts to acquire Corellium.

Negotiations started in January 2018 and in the following months Apple was provided access to Corellium solutions, the virtualization firm claims.

“So why did Apple sue Corellium? Because it was not able to purchase Corellium or its predecessor company, Virtual, for the price it wanted. Consequently, Apple did the only thing it knew to do when it could not acquire Corellium for less than fair market value – file a lawsuit accusing Corellium of copyright infringement – even though Apple was not only aware of Corellium’s technology for several years, but actually encouraged its development,” Corellium said.

Corellium says Apple owes it $300,000 for macOS and iOS vulnerabilities reported through its bug bounty program. Corellium believes Apple initially did not pay out the rewards thinking that it would eventually own the company, and now it has filed a lawsuit in hopes of getting information on additional bugs for free.

“[This] lawsuit is not driven by Apple’s genuine belief that Corellium infringes its copyrights, but rather by its frustration at not being able to make Corellium’s technology its own,” Corellium said.

Related: Lawmakers Concerned About Apple's Handling of FaceTime Spying Bug

Related: 'Unpatchable' iOS Bootrom Exploit Allows Jailbreaking of Many iPhones

Related: Apple Patches FaceTime Spying Vulnerability

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.