Hacker group claims access to 12M Apple device IDs

Hacker cluster AntiSec has printed what it claims is regarding one million distinctive device symbol numbers (UDIDs) for Apple devices that it aforesaid it accessed earlier this year from a pc happiness to Associate in Nursing government agent.

The group, that could be a splinter operation of the Anonymous hacking collective, claims that it’s culled quite twelve million UDIDs and private knowledge linking the devices to users from the Federal Bureau of Investigation pc. AntiSec aforesaid it selected to publish a little of these records to prove it’s them.

In an extraordinarily extended note on Pastebin, a member of AntiSec aforesaid the cluster had culled some personal knowledge like full names and cell numbers from the printed knowledge. Instead, the cluster aforesaid it printed enough data like device kind, device ID and Apple Push Notification Service tokens to let users confirm whether or not their devices ar on the list. Apple device homeowners WHO need to ascertain will do thus here.

It was not like a shot attainable to verify the genuineness of AntiSec’s claims regarding the information. Nor was it clear why the distinctive device ID knowledge Associate in Nursingd alternative personal data happiness to countless Apple users would air an Federal Bureau of Investigation agent’s pc within the 1st place.

FBI spokesperson Jennifer Shearer aforesaid the agency has no official discuss the claim.

Graham Cluley, a senior technology advisor at Sophos, aforesaid there’s no approach of knowing however whether or not the hackers ar telling the reality. “We haven’t got any approach of confirming the supply of the information, or what else may need been taken, however it will seem that the files do contain a minimum of some real Apple UDIDs.” Cluley aforesaid via email.

“Is it a giant deal? Well, if the information was taken from Associate in Nursing Federal Bureau of Investigation pc then queries are asked on what the Federal Bureau of Investigation [was] doing with the information within the 1st place, further as why it wasn’t higher protected,” he said. “At the instant it feels as if the hackers may well be a lot of curious about embarrassing the Federal Bureau of Investigation and inflicting mischief than golf shot innocent users in danger.”

Apple’s UDIDs ar a collection of alphamerical characters accustomed unambiguously determine Associate in Nursing iPhone or iPad. The numbers ar designed to let application developers track what number users have downloaded their application and to assemble alternative data for knowledge analytics. In 2010, The Wall Street Journal did Associate in Nursing investigatory report showing however application developers were mistreatment Apple’s UDID to assemble plenty of non-public data regarding the device owner, as well as name, age, gender, device location and phone numbers. In response to issues regarding the trailing, Apple not permits new iOS applications to trace UDIDs.

In its message on Pastebin, AntiSec aforesaid it had obtained the numbers from the a holler Vostro laptop computer allegedly happiness to Associate in Nursing Federal Bureau of Investigation agent named Saint Christopher Stangl from the Federal Bureau of Investigation Regional Cyber Action Team in big apple.

The computer was broken mistreatment the “AtomicReferenceArray vulnerability on Java,” the post claimed. “During the shell session, some files were downloaded from his Desktop folder. one among them with the name of “NCFTA_iOS_devices_intel.csv” turned to be a listing of twelve,367,232 Apple iOS devices as well as distinctive Device Identifiers (UDID), user names, name of device, kind of device, Apple Push Notification Service tokens, zip codes, telephone numbers, addresses, etc.

“The personal details fields touching on folks seems repeatedly empty deed the total list incompleted (sic) on several components,” the post aforesaid. “No alternative file on an equivalent folder makes mention regarding this list or its purpose.”

According to AntiSec, the explanation it determined to publish {the data|the info|the data} was to reveal the FBI’s trailing of device information happiness to Apple users.

“Well we’ve learnt (sic) it looks quite clear no one pays attention if you simply return and say ‘hey, Federal Bureau of Investigation is mistreatment your device details and data and WHO the f… is aware of what the hell ar they experimenting therewith,’ well sorry, however no one can care. FBI will, as usual, deny or ignore this uncomfortable factorie and everyone can forget the total thing at superb speed.”

The cluster criticized Apple’s use of UDID. “We continually thought it had been a extremely unhealthy plan. That hardware coded IDs for devices thought ought to be erradicated (sic) from any device on the market within the future.”