The identification codes for one million Apple iPhones and iPads are
now online courtesy of hackers associated with Anonymous, the group
who, purportedly, pilfered the information from an FBI agent’s laptop.
The FBI, however, is denying allegations they ever had any data, let
alone information on 12 million iOS devices, as the hackers claim.
A hacker, under the umbrella of AntiSec – a 14-month-old joint operation of Anonymous and LulzSec – posted a file to Pastebin Monday containing links to roughly one million Apple unique device identifiers (UDIDs).
The post alleged that the hackers gained access to the Dell laptop of
FBI special agent Christopher Stangl in March of this year. Stangl,
according to news reports, works at the New York field office and has
been instrumental in the FBI’s cybersecurity recruitment efforts.
FBI officials said Tuesday the bureau never asked for, and never
possessed the database AntiSec posted on Pastebin. They also said that
the authenticity of the data that AntiSec released could not be
verified.
The hacker said “a list of 12,367,232 Apple iOS devices including
Unique Device Identifiers (UDID), user names, name of device, type of
device, Apple Push Notification Service (APNS) tokens, zip codes,
cellphone numbers, addresses, etc.” were harvested by exploiting a Java
vulnerability on the agent’s laptop.
The anonymous poster said although the original file contained more
than 12 million devices “we decided a million would be enough to
release” to draw attention to the FBI’s alleged tracking of Apple
customers.
“We trimmed out other personal data as, full names, cell numbers,
addresses, zip codes, etc.,” the post said. “Not all devices have the
same amount of personal data linked. Some devices contained a lot of
info, others no more than zip codes …
“In this case it’s too late for those concerned owners on the list,”
the post continued. “We think it’s the right moment to release this
knowing that Apple is looking for alternatives for those UDID currently …
We never liked the concept of UDIDs since the beginning indeed. Really
bad decision from Apple.”
All iOS devices have a UDID to allow developers and mobile
advertising networks to follow user behavior. Apple has said it has,
over the past number of months, been phasing out the access to UDIDs
because the numbers could be broadcast to third parties without the
users’ permission.
Post from: SiteProNews
