dslreports logo

story category
AntiSec Hacks FBI, Nabs User iPhone/iPad Data
FBI Has Explaining to Do About Domestic Spying
by Karl Bode 12:36PM Tuesday Sep 04 2012
Hacking group AntiSec has released a portion of what they're claiming is a list of 12 million Unique Device IDs, including (redacted by AntiSec) personal information such as user names, device names, notification tokens, cell phone numbers and addresses. More interesting perhaps is where the group claims they obtained this data from: a laptop belonging to New York FBI Special Agent Christopher K. Stangl.

Obviously left unmentioned is how the FBI came by this data and what exactly they were hoping to do with it. According to a statement posted by AntiSec, the laptop hacking took place in March using a Java vulnerability:
During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of ”NCFTA_iOS_devices_intel.csv” turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incompleted on many parts. no other file on the same folder makes mention about this list or its purpose.
According to the file name (NCFTA_iOS_devices_intel.csv), the data came from or was being used by the National Cyber-Forensics & Training Alliance, which says it "functions as a conduit between private industry and law enforcement." The Next Web has released a handy tool (which they claim is encrypted via SSL) allowing users to confirm whether their data was included in the collected information by entering their Apple UDID.

59 comments .. click to read

Recommended comments

Rogue Wolf
Mourns the Loss of lilhurricane

Troy, NY

2 recommendations

reply to FFH

Re: FBI categorically denies they were source of data

It's a seriously sad state of affairs when, given conflicting statements between a government agency and a hacker group, I honestly don't know which one to believe.
I may have been born yesterday, but I've spent all afternoon downtown.