Hackers operating under the Anonymous umbrella have
leaked more than 1 million Apple iPhone and iPad IDs, which were allegedly
swiped from the FBI. On Monday, the Antisec arm of the hacker collective said
it had released 1,000,001 unique device identifier numbers (UDIDs) used by
Apple, app developers, and ad networks to label iPhone and iPad users.
The hackers posted a lengthy message on Pastebin with links to data
culled from a larger database of more than 12 million users' personal
information. In its message on Pastebin, AntiSec said it had obtained the
numbers from the a Dell Vostro laptop allegedly belonging to an FBI special
agent named Christopher Stangl from the FBI Regional Cyber Action Team in New York.
In 2009, Mr. Stangl appeared in a Facebook promotional
video titled “Wanted by the FBI: Cyber Security Experts” that encouraged
hackers to get involved with the F.B.I. He was also one of 44 law
enforcement agents invited to participate in the F.B.I.-Scotland Yard
conference call that hackers intercepted.
Andy Greenberg from Forbes downloaded and decrypted
the encrypted files. While there is no simple way to confirm the authenticity
or source of the data, he found an enormous list of 40-character strings
composed of numbers and letters A through F.
Each line comes with what Anonymous says is an Apple
Push Notification badge, as well as a username and a note signifying the
accompanying device.
"We decided we'd help out Internet security by
auditing [the] FBI first," the Antisec message said.
The hackers trimmed out personal data like full
names, cell numbers, addresses, and ZIP codes, but left one main column that
included enough information to help users see if their information was listed
or not, the group said. Antisec clarified that there are no plans to use the
obtained data in any way to harm end
users.
"We have learnt it seems quite clear nobody
pays attention if you just come and say 'hey, FBI is using your device details
and info and who the [expletive] know what the hell are they experimenting with
that', well sorry, but nobody will care," they said.
The data was breached using a vulnerability in Java,
according to Antisec, which also reiterated its support for WikiLeaks and its
editor, Julian Assange, who was recently granted political asylum by Ecuadorean
officials.
TheNextWeb tech team has put together a tool to help
you check if your device has been compromised by Anonymous hackers. To check
your device, just input your UDID/UUID into the form and check it against the published
database on
the following page. If you need help to identify what is your UDID, you can
follow the simple steps, proposed by WhatsmyUDID:
- Open
iTunes.
- Connect
your iOS device to your computer.
- Select it
from the Devices column.
- Click on a
device serial number to reveal its UDID.
- Copy the
number anywhere for future use.
If you need assistance on how to find the number,
visit WhatsmyUDID and follow the slideshow with related screenshots.
Sources
and Additional Information: