Apple UDID Source Revealed by Local

September 10, 2012
By

Post to Twitter Post to Facebook Post to Reddit

Looks like all the hard work paid off for local NoVA Blogger David “@darthnull” Schuetz as he discovered the source of the Apple UDID leak last week. Apparently, there’s a small Florida-based private company called BlueToad that touches a lot of what we do on our smartphones. David, who works with Intrepidus Group on mobile security, contacted BlueToad last week and they immediately began an investigation. Earlier today their CEO confirmed that the data was theirs and that the attack took place two weeks prior. You can find their full statement here however it’s down right now so head over to the Google cache version. The good news is that BlueToad was in the process of migrating from using UDIDs per Apple recommendations … unfortunately they didn’t finish soon enough.

Here’s @darthnull being interviewed last Friday night on NBC News…

Visit NBCNews.com for breaking news, world news, and news about the economy

via NBCNews.com

A small Florida publishing company says the million-record database of Apple gadget identifiers released last week by the hacker group Anonymous was stolen from its servers two weeks ago. The admission, delivered by the company’s CEO exclusively to NBC News, contradicts Anonymous’ claim that the hacker group stole the data from an FBI agent’s laptop in March.

Anonymous’ accusations garnered attention because they suggested that the FBI was using the unique gadget identifiers — called UDIDs — to engage in high-level spying on American citizens via their iPhones, iPads, and iPod Touch devices. The FBI denied the claim, last week, and when asked to comment for this story, referred to last week’s denial.

Paul DeHart, CEO of the BlueToad publishing company, told NBC News that technicians at his firm downloaded the data released by Anonymous and compared it to the company’s own database. The analysis found a 98 percent correlation between the two datasets.

Continued here.

For more of the technical details check out these posts on the Intrepidus Group blog.

#####

So what about the other 11 million claimed UDIDs? Do they exist? If so, are they from the same source? Let us know in the comments below. Today’s post pic is from Twitter.com. See ya!

Tags: , , ,

11 Responses to Apple UDID Source Revealed by Local

  1. (@Nathiet) (@Nathiet) on September 10, 2012 at 2:13 pm

    #NoVABlogger Apple UDID Source Revealed by Local http://t.co/LlqUgHP0

  2. Dave Marcus (@DaveMarcus) on September 10, 2012 at 2:54 pm

    Apple UDID Source Revealed by Local http://t.co/x2IJo1Tx awesome job by @darthnull

  3. (@novainfosec) (@novainfosec) on September 10, 2012 at 3:15 pm

    Still unanswered re the Apple UDID thing.. Is it 1 million or 15 million? http://t.co/a9b6QQCS

  4. (@krvw) (@krvw) on September 10, 2012 at 3:29 pm

    “@novainfosec: Still unanswered re the Apple UDID thing.. Is it 1 million or 15 million? http://t.co/KKVAg1Qe” < And from 1 app?!

  5. (@grecs) (@grecs) on September 10, 2012 at 5:52 pm

    BLOGGED: Apple UDID Source Revealed by Local http://t.co/3qzS56uE

  6. (@PacketknifeToo) (@PacketknifeToo) on September 10, 2012 at 6:08 pm

    Apple UDID Source Revealed by Local http://t.co/NXlo6hyN

  7. (@novainfosec) (@novainfosec) on September 10, 2012 at 8:23 pm

    BLOGGED: Apple UDID Source Revealed by Local http://t.co/a9b6QQCS //Where’s the other 11m?

  8. Richard Steven Hack on September 10, 2012 at 10:06 pm

    Color me unconvinced…

    While it may be that the UIDs released by the hackers came from Blue Toad, it’s also possible that Blue Toad’s database was scooped up, added to others and the aggregate was what was recovered from the FBI (if anything was.)

    However, the hackers involved need to prove their claims now by releasing more proof of the source, plus the other data allegedly included, since Blue Toad’s files did not have user names, etc.

  9. grecs on September 10, 2012 at 11:47 pm

    Richard: Very true … that’s one possible theory. We discovered the source … but what about any intermediaries (FBI?). Thanks for your input!

  10. (@novainfosec) (@novainfosec) on September 11, 2012 at 12:12 am

    #NOVABLOGGER: Apple UDID Source Revealed by Local http://t.co/a9b6QQCS http://t.co/IntXkFbO

  11. (@novainfosec) (@novainfosec) on September 11, 2012 at 8:14 am

    BLOGGED: Apple UDID Source Revealed by Local http://t.co/a9b6QQCS //Updated w/ video of @darthnull describing how he found.

Leave a Reply

Your email address will not be published. Required fields are marked *


About Us

Founded in 2008, NoVA Infosec is dedicated to the community of Metro DC-based security professionals and whitehat hackers involved in the government and other regulated verticals. Find out more on our About Us page.