We all know the story of the prototype iPhone 4 that was left at a bar, spoiling what could have been one of the biggest surprises in Apple history.

But have you heard the one about the stolen prototype iPhones that are still winding up in unintended hands — in this case, hackers bent on finding ways to break into Apple’s operating system?

That’s the focus of a new Motherboard investigation this week, which claims there’s now a gray market for “dev-fused” iPhone prototypes that have been stolen from Apple’s production lines. They’re devices which are uniquely valuable for helping security researchers find vulnerabilities because they run a less hardened version of the OS where root access is trivial to obtain, according to the report.

Motherboard’s sources say that the “switchboard” phones — an dev-fused iPhone X costs as little as $1,800 — have already been used to help develop the handheld Cellebrite machines reportedly used by law enforcement agencies to break into phones. Originally, Cellebrite was thought to be the company helping the FBI crack an iPhone 5C belonging to a San Bernadino terrorist in 2016 — though that was later refuted, the FBI did pay an unknown party over $1 million to get into that phone.

And, says Motherboard’s sources, these stolen phones were the way security researchers were able to study Apple’s special Secure Enclave security coprocessor in 2017, potentially exposing vulnerabilities in the chip explicitly designed to keep iPhones secure.

There’s a lot more in the full Motherboard story.