New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Hackers Release 1 Million iOS Device UDIDs Obtained from FBI Laptop

Monday September 3, 2012 11:11 pm PDT by Arnold Kim
Hacker group Antisec has released a dump of 1 million unique identifiers (UDIDs) from Apple iOS devices tonight. The records reportedly came from a file found on an FBI laptop back in March.
During the second week of March 2012, a Dell Vostro notebook, used by Supervisor Special Agent Christopher K. Stangl from FBI Regional Cyber Action Team and New York FBI Office Evidence Response Team was breached using the AtomicReferenceArray vulnerability on Java, during the shell session some files were downloaded from his Desktop folder one of them with the name of "NCFTA_iOS_devices_intel.csv" turned to be a list of 12,367,232 Apple iOS devices including Unique Device Identifiers (UDID), user names, name of device, type of device, Apple Push Notification Service tokens, zipcodes, cellphone numbers, addresses, etc. the personal details fields referring to people appears many times empty leaving the whole list incompleted on many parts. no other file on the same folder makes mention about this list or its purpose.
The file that was found was said to contain over 12 million device records, including Apple UDIDs, usernames, push notification tokens, and in some instances, names, cell phone numbers, addresses and zip codes.

The group released 1 million of these records but stripped most personal information. The final release includes Apple UDIDs, APNS (push notification) Tokens, Device Name (e.g. "Arnold's iPhone") and Device Type (e.g. "iPhone"). MacRumors has been able to confirm that the UDIDs appear to be legitimate.

The source of the data is not entirely clear, though the type of data is typical for the kind of information an iOS app developer would collect to deliver push notifications to users. It seems an App developer or developers are the original likely source of the information, though no specific information is yet available. Right now there's no easy way to determine if your device's UDID was included in the list, beyond downloading the list yourself.

The actual implications of the leak, even if your UDID is found, aren't entirely clear. The UDIDs themselves are rather harmless in isolation. Apple has previously come under fire for the use of these globally identifying ids. The privacy risks, however, typically come from these ids being used across ad networks and apps to piece together a more complete picture of activity and interests of the user. But it was reported back in 2011 that by leveraging existing networks, information and even login access can be obtained from UDIDs. It's not yet clear if the released push tokens can be used in any manner.

[ 348 comments ]

Top Rated Comments

(View all)

Avatar
1080p
93 months ago
What is the FBI doing with that info?
Rating: 107 Votes
Avatar
Anti-Lucifer
93 months ago
...must...delete..all..traces...of...porn...
Rating: 58 Votes
Avatar
Geckotek
93 months ago
Why the hell does the FBI need that information? And why was the damn laptop not encrypted?
Rating: 47 Votes
Avatar
Salukipilot4590
93 months ago
...so the FBI wanted to know my UDID for what reason exactly?

What intel "would" they want to gather?
Rating: 34 Votes
Avatar
Purant
93 months ago


They're a notorious hacker group, im sure they would have gotten it either way


Who? The FBI? :P
Rating: 31 Votes
Avatar
Screwball
93 months ago
And this ( or anything similar ) should come as a surprise to anyone why?
Rating: 27 Votes
Avatar
SwampTony
93 months ago
It's **** like this, federal government
Rating: 16 Votes
Avatar
Akarin
93 months ago
How to check if your UDID is in the released list?

1. Download the file from one of these sources:

http://freakshare.com/files/6gw0653b/Rxdzz.txt.html
http://u32.extabit.com/go/28du69vxbo4ix/?upld=1
http://d01.megashares.com/dl/22GofmH/Rxdzz.txt
http://minus.com/l3Q9eDctVSXW3
https://minus.com/mFEx56uOa
http://uploadany.com/?d=50452CCA1
http://www.ziddu.com/download/20266246/Rxdzz.txt.html
http://www.sendmyway.com/2bmtivv6vhub/Rxdzz.txt.html


2. Open a terminal window and type this (replace file.txt with the path/name of the file you just downloaded. You can drag and drop the filename directly in the terminal window):

openssl aes-256-cbc -d -a -in file.txt -out decryptedfile.tar.gz


3. Enter the following password (you can also copy/paste it. Don't worry, you won't see it in the terminal window):

antis3cs5clockTea#579d8c28d34af73fea4354f5386a06a6


4. Uncompress decryptedfile.tar.gz by double-clicking on it. The file should be located in Users/<your_username>/

5. Open iphonelist.txt

6. Find your iOS device UDID by starting iTunes. When presented with this screen:



...click on the word "Serial number" to reveal your UDID. It should now show this:



7. Copy your UDID and search within the file to check if yours is in it. If you have a question, just ask.
Rating: 14 Votes
Avatar
Apple Poptart
93 months ago
::facepalm::
Rating: 14 Votes
Avatar
mohsy90
93 months ago

Who? The FBI? :P


Both, lol
Rating: 14 Votes

[ Read All Comments ]