Tuesday, September 4th, 2012


AntiSec Leaks 1m Apple UDIDs Allegedly Obtained from FBI Breach.

The AntiSec hacking group claims to have released a set of more than 1 million Apple Unique Device Identifiers (UDIDs) obtained from breaching the FBI. The group claims to have over 12 million IDs, as well as personal information such as user names, device names, notification tokens, cell phone numbers and addresses.

(Updated with link below to check whether your device’s UDID was leaked)

The hackers issued a statement with the following description on how the data was obtained:

During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of ”NCFTA_iOS_devices_intel.csv” turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incompleted on many parts. no other file on the same folder makes mention about this list or its purpose.

They published the UDID numbers to call attention to suspicions that the FBI used the information to track citizens. Much of the personal data has been trimmed, however, with the hackers claiming to have left enough for “a significant amount of users” to search for their devices.

If AntiSec’s account of the breach is accurate, the NCFTA acronym in the filename would likely refer to the National Cyber-Forensics & Training Alliance, a non-profit corporation of experts from both the private and public sector that investigates cyber-crimes.

TNW has contacted the FBI for comment. Meanwhile, AntiSec says it will not provide further statements or interviews until a mysterious request is fulfilled – to have a photo of a Gawker staff writer dressed in a tutu featured on the company’s homepage.

Update: The TNW tech team has built a tool to let you check whether your device was included in the list.

 

 

WARREN: “I don’t see how it can take hold with voters because it’s just not true. The basics is that right now with what the president has done, is he has strengthened Medicare and what he’s really done is he’s given seniors better protection.”

Is Elizabeth Warren serious or delirious?

Follow

Get every new post delivered to your Inbox.

Join 59 other followers