more than a few hackers out there that hide under the auspices of
"security researchers" and use their cover to hack into servers. At
times the hackers with these security firms close the holes that they used to
hack into the servers, and at other times they post the exploits so more
nefarious users can gain access if the company or organization hacked doesn't
do something about it.
One of the biggest cases of so-called security researchers hacking into a
server was about a year ago when Goatse Security analysts Andrew Auernheimer
and Daniel Spitler successfully hacked into the servers of AT&T
and stole the email addresses and personal data of over 100,000 iPad users.
Spitler has already made a plea arrangement on the charges stemming from the arrest
and investigation and now it appears that Auernheimer is set to make a plea as
Auernheimer and his attorney are now working to come
to a plea deal that could see the hacker spend as much as 18 months in
prison. District Judge Susan Wigenton has put the case on hold while the plea
is being worked on Wigenton said, "Plea negotiations are currently in
progress and both the United States and the defendant desire additional time to
finalize a plea agreement, which would render trial of this matter
The prosecutors in the case allege that the defendants used an "account
slurper" to match email addresses to the integrated circuit card
identifiers for iPad users. The slurper then used a brute force attack to
extract data about the users that used the AT&T network for web access.
Auernheimer's public defender didn’t return a request for comment from Reuters.