From: "Virus Guy" <Virus@Guy.com>
> Find Out If Your Apple Device Was Among The 12 Million Units Hacked And
> Tracked By The FBI
>
> http://www.zerohedge.com/news/find-o...nd-tracked-fbi
>
> 09/04/2012 13:32 -0400
>
> Several hours ago, the latest hacker group to gain prominence, AntiSec,
> a subset of Anonymous, disclosed:
>
> http://pastebin.com/nfVT7b0Z
>
> that it had obtained the confidential user data contained in some some
> 12 million Apple units after hacking an FBI Dell Vostro notebook
> computer, "used by Supervisor Special Agent Christopher K. Stangl from
> FBI Regional Cyber Action Team and New York FBI Office Evidence Response
> Team was breached using the AtomicReferenceArray vulnerability on Java"
> which contined a file titled NCFTA_iOS_devices_intel.csv, which "turned
> to be a list of 12,367,232 Apple iOS devices including Unique Device
> Identifiers (UDID), user names, name of device, type of device, Apple
> Push Notification Service tokens, zipcodes, cellphone numbers,
> addresses, etc. the personal details fields referring to people appears
> many times empty leaving the whole list incompleted on many parts."
>
> In other words, the FBI had the personal data of a substantial number of
> Apple device users, certainly all of which had been obtained without
> prior permission. Naturally the question here is why on earth does the
> FBI have this data, and as TNW sggests:
>
> (http://thenextweb.com/apple/2012/09/...evice-ids-alle
> gedly-obtained-fbi-breach/)
>
> "They published the UDID numbers to call attention to suspicions that
> the FBI used the information to track citizens. Much of the personal
> data has been trimmed, however, with the hackers claiming to have left
> enough for “a significant amount of users” to search for their devices."
> AntiSec has subsequently released one million of these UUIDs and their
> associated data. Find out if your device is on the list as explained
> below.
>
> First, courtesy of WhatsmyUDID.com, here is a simple process to find out
> what the specific number is.
>
> http://www.zerohedge.com/sites/defau...2/UDID%201.jpg
> http://www.zerohedge.com/sites/defau...2/UDID%202.jpg
> http://www.zerohedge.com/sites/defau...2/UDID%203.jpg
> http://www.zerohedge.com/sites/defau...2/UDID%204.jpg
>
> And then, with UDID in hand, go here:
>
> http://thenextweb.com/apple/2012/09/...-antisec-leak/
> Or, for those who are uncomfortable using the internet for uplink
> purposes, can use the following instructions on how to download the full
> list, via Anonymous:
>
> Download links:
>
> http://freakshare.com/files/6gw0653b/Rxdzz.txt.html
> http://u32.extabit.com/go/28du69vxbo4ix/?upld=1
> http://d01.megashares.com/dl/22GofmH/Rxdzz.txt
> http://minus.com/l3Q9eDctVSXW3
> https://minus.com/mFEx56uOa
> http://uploadany.com/?d=50452CCA1
> http://www.ziddu.com/download/20266246/Rxdzz.txt.html
> http://www.sendmyway.com/2bmtivv6vhub/Rxdzz.txt.html
>
> HOW TO GET THE CANDY ONCE YOU HAVE DOWNLOADED THE FILE
>
> first check the file MD5:
> e7d0984f7bb632ee19d8dda1337e9fba
>
> (lol yes, a "1337" there for the lulz, God is in the detail)
>
> then decrypt the file using openssl:
>
> openssl aes-256-cbc -d -a -in file.txt -out decryptedfile.tar.gz
>
> password is:
> antis3cs5clockTea#579d8c28d34af73fea4354f5386a06a6
>
> then uncompress:
> tar -xvzf decryptedfile.tar.gz
>
> and then check file integrity using the MD5 included in the password u
> used to decrypt before:
> 579d8c28d34af73fea4354f5386a06a6
So much for adherence to Federal DaR requirements.
--
Dave
Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk
http://www.pctipp.ch/downloads/dl/35905.asp
Reply With Quote