One million unique device identifiers (UDIDs) from iOS devices have been posted online by hacking group Antisec, who claimed the UDIDs came from an FBI-owned laptop. The group published a file containing the UDIDs—as well as push notification tokens, device names, and more—on Monday evening, promising that there are plenty more entries where that came from. Antisec claims the original file contained roughly 12 million UDID entries—some with very personal data attached, such as full names, cell numbers, and home addresses.
There has been no official confirmation as of yet that Antisec's UDID list indeed came from an FBI laptop, but Antisec claims to have remotely accessed Supervisor Special Agent Christopher K. Stangl's data in March 2012 using a Java vulnerability, AtomicReferenceArray. The AtomicReferenceArray vulnerability in Oracle's Java software framework came to light earlier this year after it was being exploited in attacks that installed malware on end-user machines. Oracle released a patch in February.
That same month, members of the Anonymous hacking collective published a transcript of a conference call between investigators at the FBI and Scotland Yard during which operations against hacktivist group were discussed. About 40 law enforcement agents from various parts of the world participated in the call, which was intercepted after the leaking of an e-mail message sent to all the agents listing the time and code to get in, according to Rob Graham, CEO of penetration testing firm Errata Security.
Read 7 remaining paragraphs | Comments
DIGITAL JUICE
No comments:
Post a Comment
Thank's!