Antisec hacked an FBI laptop and managed to steal more than 12 million Apple UDIDs

Posted by | September 04, 2012 | News | No Comments


iTunes customers beware: Antisec, a cyberpunk activity linked with LulzSec and Anonymous, statements it has compromised into the laptop of FBI agent Christopher K. Stangl, acquiring the exclusive system identifiers (UDIDs) of 12 thousand iTunes customers. The team revealed 1,000,001 of these UDIDs so far, such as what seems to be the identifier to US President Barack Obama’s iPad.

Antisec hacked an FBI laptop and managed to steal more than 12 million Apple UDIDs

Stangl’s laptop was breached in March 2012 using a Java exploit, according to a review by Antisec to Pastebin. Antisec discovered information on 12,367,232 iTunes records on the agent’s PC. While the team has only launched the UDIDs openly, it statements Stangl also had information such as usernames, zipcodes, telephone numbers, and addresses.

Why does the FBI have such a huge record of iTunes account information? We may never know, as the FBI is declining to say anything about this. But Antisec’s feedback do seem to recommend that the govt may have far more information on us than many of us would feel confortable about.

Antisec itself says the discharge of the information is intended to emphasize this reality. We have learnt it seems quite clear nobody pays attention if you just come and say ‘hey, FBI is using your device details and info and who the [expletive] know what the hell are they experimenting with that’, well sorry, but nobody will care,” they write. “FBI will, as usual, deny or ignore this uncomfortable thingie and everybody will forget the whole thing at amazing speed.”

Want to know if your system has been compromised? Parsing the document requires quite a bit of your energy and time, but application creator Sean McGuire has designed a little web app to examine whether your system has been affected. To acquire your UDID, connect your device into your laptop or computer and start iTunes. The UDID can be acquired by running the device screen and hitting the serial number.

Such a huge launch of UDIDs will at least cause Apple to shift away from using such a technique to recognize exclusive gadgets. It has already done so to some extent: since 2010, the Cupertino organization has been breaking down on the use of UDIDs in third-party applications. That is not enough for Antisec, however. “Hardware coded IDs for devices concept should be eradicated from any device on the market in the future,” it claims.

About Network Security

At SecurityNet.org we believe each of us plays an important role in network security, and data protection. The articles on this site were written to keep each of us informed on the ever changing security scene so that we might stay one step ahead of those who would compromise our systems. If you have an article that you feel our visitors would benefit from please submit it via the contact form, or via email and we will publish it in the next available slot.