AntiSec Obtains Over 12M Apple UDIDs from FBI Laptop, Leaks 1M to Public
September 4, 2012 6:11 AM
comment(s) - last by
AntiSec hacked an FBI laptop back in March, and is just now revealing its loot
is up to its usual antics again, and this time the hacker group managed to score a wealth of information on users of Apple iOS-based devices. The group claims to have hacked an FBI laptop and obtained over 12 million Apple UDIDs were.
A UDID (unique device identifier) is a 40-character code that is tied to a single device, be it an iPhone, iPad, or iPod touch. The UDID is normally used by app developers for tracking purposes, and Apple uses the UDID when authenticating Siri queries on the iPhone 4S.
In its rather long, rant-filled
, AntiSec describes how it obtained the information:
During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of "NCFTA_iOS_devices_intel.csv" turned to be a list of 12,367,232 Apple iOS
devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incompleted on many parts. no other file on the same folder makes mention about this list or its purpose.
While over 12 million UDIDs were obtained during the attack on the FBI laptop, AntiSec has “only” released 1,000,001 UDIDs to the public. The group has thankfully removed personal information (names, address, cell phone numbers, etc) from list, but searching for your own UDID is rather simple using the following
. The site allows you to search the list for your UDID using a partial string instead of divulging all 40 characters.
You can view your UDID from within iTunes or
via an app
directly from your iPhone or iPad.
It's worth noting that the NCFTA reference in the filename is likely pointing to
National Cyber-Forensics & Training Alliance
. The group describes itself a "Non-profit corporation, evolved from one of the nation’s first High Tech Task Forces and, since 1997, has established an expansive alliance between subject matter experts (SMEs) in the public and private sectors (more than 500 worldwide) with the goal of addressing complex and often internationally-spawned cyber crimes."
Regardless of the motives behind AntiSec's latest antics, there are many questions that arise from this breach. Why does the FBI have 12 million Apple UDIDs on a laptop? Did a developer willingly hand over the UDIDs to the FBI? Did Apple itself play any part in divulging the information to the FBI upon request?
Only time will tell as we learn more from this “big reveal”.
The Next Web
This article is over a month old, voting and posting comments is disabled
RE: Check if your Apple product was compromised
9/4/2012 12:37:34 PM
right, very nice to submit your UDID on unsecured protocol :)
"If a man really wants to make a million dollars, the best way would be to start his own religion." -- Scientology founder L. Ron. Hubbard
AntiSec Exposes U.S. Soldiers' S/Ns, Passwords, Vows Attack on Monsanto
July 12, 2011, 8:45 AM
Google's Proposals for Search Antitrust Settlement Shot Down by European Commission
December 20, 2013, 8:52 PM
E-Cigarettes Included in NYC's Smoking Ban
December 20, 2013, 4:00 PM
BlackBerry Partners with Foxconn for BB10 Devices
December 20, 2013, 10:43 AM
3D Systems Acquires Xerox’s Solid Ink Teams in Oregon
December 18, 2013, 7:54 PM
While FCC Debates Allowing In-flight Voice Calls, Delta is Already Saying “Nope”
December 18, 2013, 12:11 PM
New Mac Pro Launches Tomorrow, Starts at $2,999
December 18, 2013, 10:56 AM
Most Popular Articles
China's Lunar Rover Enters Orbit, Prepares for Historic Sat. Landing
December 13, 2013, 5:00 PM
China's Moon Rover Lands Safe and Sound, Starts Snapping Pics
December 16, 2013, 1:22 PM
Top Microsoft Graphics Genius Defects to Google
December 17, 2013, 4:27 PM
Report: Fusion Fail? Softbank Wants to Merge Sprint and T-Mobile
December 15, 2013, 6:12 PM
NSA Debates Granting Snowden Amnesty if He Keeps His Mouth Shut
December 16, 2013, 1:17 PM
Latest Blog Posts
Justice Leaks Details of Next HTC One Two Flagship Phone
Dec 5, 2013, 4:04 PM
Global Cyber Espionage Concerns Reveal Growing Cyber Armies
Nov 29, 2013, 11:04 AM
Is The Period Becoming an Expression of Anger?
Nov 26, 2013, 2:02 PM
NSA and Congress -- You Will Never Kill the Constitution, It's an Idea
Nov 10, 2013, 2:00 PM
AT&T Explores $100B+ USD Deal to Acquire Vodafone's European Operations
Nov 4, 2013, 7:34 AM
More Blog Posts
Copyright 2013 DailyTech LLC. -
Terms, Conditions & Privacy Information