Hactivist group Antisec strikes again – or did they? Did they manage to take a bite out of the big “Apple” and do it from and FBI agent’s Dell notebook? According to the Anonymous-allied hackers, they have and it’s been reported that a list of 12.4 million Apple Unique Device Identifiers (UDID) was gained. This information also provided user names, device names and types and for some it included names, addresses, cell and home phone numbers. Sounds like an identity theft nightmare, or it would be if Antisec wasn’t playing “Robin Hood” to the FBI’s Sheriff John, or so the story goes.
Did this hacking really happen?
According to the FBI (Oh no you didn’t!) . A recent FBI statement denies stating, “The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed. At this time, there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data.”
According to Antisec, (Oh yes we did.) The hacktivist group says that it not only did it but that the proof is in the publishing of one million of these codes online. They claim that this and other activities including the recent hacking into OnGuardOnline.gov and the Justice Department were in retaliation for SOPA and other similar legislation, but they also do it to show exactly how vulnerable your information can be.
Apple is keeping it’s stem shut.
What do the experts say?
F-Secure researcher Sean Sullivan told V3, “It’s possible that a popular app vendor has been compromised and the UUIDs are from there. So, real UUIDs, but I don’t think there’s any evidence of the FBI claim.” He continues, “The list is real, but there doesn’t really seem to be anything special about it. There’s just two sets of numbers (UDID/APSN) the device “name” as given by the user, and the type of device.”
Antisec claims to have only published the list and kept the personal information off the internet. I thank them for that, especially after having been a victim of the 450,000 email addresses published courtesy of DD3’s hacking into the Yahoo database and releasing email address information. However, I do have to say that some of the spam I’m receiving is good for a laugh.
Why grab and release the data?
Maybe because they can. Or according to their statement on pastebin “Why exposing [sic] this personal data?” asked the unnamed writer of the Pastebin posting announcing the data dump, who claimed to be affiliated with the anti-government hacktivist group AntiSec. “Well, we have learnt it seems quite clear nobody pays attention if you just come and say ‘Hey, FBI is using your device details and info and who the [expletive] knows what the hell are they experimenting with that,” well sorry, but nobody will care.”
Do you care?
If you are worried about the security of your device and having your own Apple UDID appearing on the AntiSec hack list, TheNextWeb has created a web tool for checking if your information was compromised. As for why the FBI may allegedly have this information, we can thank the Patriot Act for that.