AntiSec hacks the FBI: releases a million Apple UDIDs

It’s a been a while since we had a major hacking story. Just to make sure you don’t forget about it, AntiSec has hacked the Federal Bureau of Investigation (FBI) and released more than one million Apple Unique Device Identifiers (UDIDs) according to a post on Pastebin.

The group claims it has well over 12-million IDs that include personal information such as user names, addresses, device names and mobile numbers.

Here is how it did it:

During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of ”NCFTA_iOS_devices_intel.csv” turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incompleted on many parts. no other file on the same folder makes mention about this list or its purpose.

Why did AntiSec do it? The group believes that the FBI has been using the information to track citizens (it’s like that Newsroom episode). According to the group, a large chunk of the personal data has been cut down but it has left enough for “a significant amount of users” to locate for their devices. The group reckons this is the only way it could get people’s attention without the FBI trying to “discredit” it due to the size of the personal data.

According to The Next Web, if AntiSec’s account of the breach is accurate, the NCFTA acronym in the filename most likely refers to the National Cyber-Forensics & Training Alliance, a non-profit corporation of experts from both the private and public sector that investigates cyber-crimes.

The group ends its long Pastebin post with a shout out to Wikileaks and its founder Julian Assange as well as Russian feminist group Pussy Riot.



Sign up to our newsletter to get the latest in digital insights. sign up

Welcome to Memeburn

Sign up to our newsletter to get the latest in digital insights.