Blue Toad says 98 percent of the IDs match records copied illicitly from its database two weeks ago

Members calling themselves members of the hacker collective Anonymous and the movement AntiSec claimed to have stolen 12 million UDIDs (unique device identifier) that are used to uniquely identify an iPhone, iPad, or iPod touch.

The groups claimed to have stolen the data from "a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team."

But an app developer is calling that claim into serious question, after it decided to come clean, claiming the ids were stolen from its databases, not from the FBI.  It said all 1 million UDIDs nearly all (98 percent) matched those in its scooped table.  It claimed the table was illegitimately accessed two weeks ago -- not back in March as Anonymous/AntiSec had claimed.

An Apple, Inc. (AAPL) spokesperson confirmed this was possible, commenting, "As an app developer, BlueToad would have access to a user's device information such as UDID, device name and type. Developers do not have access to users' account information, passwords or credit card information, unless a user specifically elects to provide that information to the developer."

Blue Toad
Blue Toad helps newspapers and other publications monetize their content via an app platform for the iPhone and iPad.

Pauld Dehart, CEO of BlueToad, who makes apps for written content publishers (e.g. magazines), commented, "As soon as we found out we were involved and victimized, we approached the appropriate law enforcement officials, and we began to take steps to come forward, clear the record and take responsibility for this."

Of course if you were prone to conspiracy theories, you could imagine that Blue Toad was "covering" for the U.S. Federal Bureau of Investigation.  More likely, though, whoever took the data -- be it Anonymous/AntiSec or someone posing as the well-known "hacktivist" groups -- spun the yarn about the FBI laptop to make the tale of a pedestrian SQL injection effort a bit more exciting.

If so, the ploy worked -- the story received truckloads of attention from the media.  

The story is similar, in some ways, to Goatse Security's 2010 illicit capture of 114,000 ICC-IDs -- another unique identifier code which are associated with iPad/iPhones' SIM cards on AT&T, Inc.'s (T) U.S. network.

Source: NBC News

"We don't know how to make a $500 computer that's not a piece of junk." -- Apple CEO Steve Jobs

Most Popular Articles

Copyright 2018 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki