The hacker group AntiSec released a file of a million and one UDIDs unique device identifiers which it claims to have hacked it off an FBI computer via a Java vulnerability. UDIDs are unique IDs for iPhone, iPad and iPod Touch devices. They said they obtained the file in March by hacking into the laptop of a Federal Bureau of Investigation agent in the bureau’s New York field office.
In an unusually lengthy note on Pastebin, a member of AntiSec said the group had culled some personal data such as full names and cell numbers from the published data. Instead, the group said it published enough information such as device type, device ID and Apple Push Notification Service tokens to let users determine whether their devices are on the list.
The hackers issued a statement saying: 'During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java. During the shell session some files were downloaded from his Desktop folder one of them with the name of ”NCFTA_iOS_devices_intel.csv."
The Next Web has created a tool that lets you enter your iOS device’s UDID to determine if it has been leaked. You can find it here. (And yes, it’s safe: TNW is a legit news site.) Of course, there’s no guarantee that your device’s identifier isn’t among 11 million other numbers not released by AntiSec.
If you don’t know how to retrieve your UDID, you can find a good tutorial here.
It’s not known why the FBI possessed the Apple IDs. The hackers suggested in a tweet from the the @AnonymousIRC account, that the FBI was using the information to track users. The hackers say they released the Apple UDIDs so that people would know that the FBI may be tracking their devices and also because, they wrote in their online post, “we think it’s the right moment to release this knowing that Apple is looking for alternatives for those UDID currently … but well, in this case it’s too late for those concerned owners on the list.”
Daily Updates or our RSS feed to kick off your day with the latest hacking and Security news and tips, or share the article with your friends and contacts on Facebook, Twitter or Google+