Hackers Grabbed Twelve Million Apple IDs from FBI

Wednesday, September 05, 2012

Dan Dieterle


The hacker group Anonymous claims that they have stolen 12 million Apple Unique Device Identifier numbers (UDID), releasing 1 million publicly as “proof”.

Though this in itself would be cause for concern, it doesn’t stop there. They claim that the information was stolen from an FBI agent’s laptop!

The ID breach was made public through a tweet from AnonymousIRC (above) that linked to a Pastebin post. The post is a compilation of hacktivism rants, including Russian loans to Syria, a list of hackers that were supposedly killed or mistreated by the government, and their philosophy of life.

It does include an interesting message to NSA leader General Keith Alexander:

In July 2012 NSA’s General Keith Alexander (alias the Bilderberg Biddy) spoke at Defcon, the hacker conference in Las Vegas, wearing jeans and a cool EFF t-shirt (LOL. Wtf was that?). He was trying to seduce hackers into improving Internet security and colonoscopy systems, and to recruit them, ofc, for his future cyberwars. It was an amusing hypocritical attempt made by the system to flatter hackers into becoming tools for the state…

Well…We got the message. We decided we’d help out Internet security by auditing FBI first.

The hacker group claims the Apple ID list was stolen from FBI Special Agent Christopher Stangl’s computer. Apparently they hacked the agent’s laptop using the Atomic Reference Array Java vulnerability (CVE-2012-0507):

“During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of ‘NCFTA_iOS_devices_intel.csv’ turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc.”

Several questions come to mind. First of all, is the information legit? Second, if so, why would an FBI agent have a list of twelve million Apple IDs (which apparently in some cases can be used to access information just as a password would)? And lastly, how did the hacker group exploit this particular agent’s laptop and recover information from it?

Several important questions, not a lot of answers right now.

But at least one site has already popped up offering “Check to see if your Apple ID was stolen in the hack” services. As always, be very wary of these sites unless they are created by or referred from the manufacturer.

Cross-posted from Cyber Arms
