BlueToad: We're the real source of Apple UDIDs leaked by AntiSec

By Lee Kaelin on September 10, 2012, 4:30 PM

BlueToad, a Florida-based digital publishing firm, announced today that the one million stolen Apple Unique Device Identifiers (UDIDs) published by AntiSec hackers last week were taken from its servers two weeks ago, and are not part of an FBI snooping project.

David Schuetz, a researcher for New York mobile device security consultant Intrepidus Group, approached BlueToad last week to inform them that they might be the source of the iPhone UDID leak, after finding multiple references to their firm in the device strings of the database published by the hackers.

In response, BlueToad's technicians analyzed the database online and compared it to their version, finding a 98% match between the two. Further research revealed that the data had been stolen in the past two weeks, though more details weren't given as the investigation is ongoing.

BlueToad CEO Paul DeHart is convinced that the leaked database was stolen from his firm's servers, though he notes that the hackers definitely didn't make away with the full 12 million UDIDs they originally claimed to have swiped. "As soon as we found out we were involved and victimized, we approached the appropriate law enforcement officials, and we began to take steps to come forward, clear the record and take responsibility for this," DeHart said.

Anonymous claimed they stole the information from a federal agent's laptop through a Java vulnerability and the database was uploaded to the Internet purely to highlight the FBI's alleged tracking of Apple devices. The FBI was quick to deny this, saying, "there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data."

DeHart concedes this still may have happened. Although he's certain the data came from BlueToad's servers, it could have theoretically landed on an FBI agent's laptop where it was eventually swiped.

"We decided to come forward to apologize to our customers, partners and the public in general that this got out there," DeHart said to the New York Times. "We face thousands of attacks every day that we've been successful at defending. This one happened to get through."

User Comments: 12

Got something to say? Post a comment
Tygerstrike said:

Ok so the information came from BlueToad. Are we sure the information came off of a FBI agents laptop? Im all for holding our govt. agencys accountable when they do shady business. But Im also fair minded and I dont want to jump on a bandwagon to lynch the FBI if they are not responsable. I think the group who hacked then posted this information needs to give us proof that the information ACTUALLY came from a FBI laptop. From this point on, I wont be giving any hacking group credibility w/o proof. Its just been the boy who cried wolf WAYYYYY to many times.

Leeky Leeky said:

That's the point, it's impossible for BlueToad to say whether it was really taken from an FBI members laptop, only the FBI or the AntiSec members who stole it can answer those direct questions.

What we do now know is the data released by AntiSec is the same as the data BlueToad has, which they say forensically the timeline of theft is around 2 weeks ago. It's entirely possible hackers stole from them, it appeared on underground sites, the NCFTA got hold of it and sent it to the FBI, and AntiSec really did take it. Or maybe the FBI agent got it via the underground sites, or he was sent it, or maybe AntiSec took it from BlueToad to begin with and the FBI really haven't ever seen it.

It's unlikely we'll ever know which is true, or how it panned out, but evidence does suggest it was taken around two weeks ago, it matches (98% -- enough for BlueToad to step up to the world and hold hands up!) the database hackers had, and it is their data from previous software updates, though they no longer track UDID data in app updates on iOS.

1 person liked this | MilwaukeeMike said:

Perhaps, Lee. Or perhaps Antisec took it from BlueToad and said they stole it from the FBI, because the headline 'AntiSec hacks Florida Publishing Firm and finds list of Apple UDIDs' isn't anywhere near as exciting as 'FBI hacked, Apple UDIDs found on laptop, Are we being watched?'

There are currently 27 comments in that original story. How many do you think there will be here?

DanUK DanUK said:

Gotta agree with Mike on this one! Antisec will have seen the opportunity for a bit of PR and there's no real way to prove exactly what happened.

Leeky Leeky said:

Perhaps, Lee. Or perhaps Antisec took it from BlueToad and said they stole it from the FBI, because the headline 'AntiSec hacks Florida Publishing Firm and finds list of Apple UDIDs' isn't anywhere near as exciting as 'FBI hacked, Apple UDIDs found on laptop, Are we being watched?'

There are currently 27 comments in that original story. How many do you think there will be here?

Aye, it does make for a much more controversial topic with FBI and the thought of being monitored in the headlines.

That said, this latest development is just as important as the previously covered article you mentioned, although its unlikely to really spark the sort of response the first article received.

I doubt there will be many responses at all.

TJGeezer said:

Probably a 13-year-old middle school kid in Omaha did it just to watch the grownups get excited. As long as we're all speculating here.

Tygerstrike said:

Antisec is only using the media as long as it serves their own interests. Whatever that media is. Yes even I was offended when I read that not only did the FBI have every iusers device ID and pertinent information as well. I was livid. How dare the FBI collect this information on its own citizens. Most ppl who can afford a idevice are prolly not going to be the first in line to be a terrorist. Just the FBI being nosey.

Once more information came to light, I understood that it really was the boy who cried wolf all over again. Now not only has Antisec lost ANY credibility they might have had, but they have overshadowed every other hacking collective by doing this. Now no one is going to put stock into anything a hack group posts. All that media coverage over "Occupy". And all the BS with SOPA. All of it means nothing now due to Antisecs inability to be truthful. Sensationalism is a fickle beast. In this case it has done the exact oppisite of what they wanted. Yes it got them a extra 5 mins of fame, but that is now marred by the fact that it is all lies. In media its the old Janet Jackson song "What have you done for me lately"

1 person liked this | Leeky Leeky said:

Quite the contrary, I would imagine most terrorist networks are rather well funded since money is the second most important ingredient closely behind the fanatical person(s) willingness to carry out the deed. Whether they'd choose to use a mobile phone is a different argument altogether, but that's not the point you were making.

Bruno M. Villar Bruno M. Villar said:

Do you think I'm going to exchange my wallet and the use of my credit cards and my precious money, instead a technology called NFC these days? I want to be bited by a monkey if someday I pay my whores with my cell phone! what could happen if my wife read my balance? or what could happen if lulzsec have complete access to my salary! lol!

Tygerstrike said:

LOL Leeky. As someone who sells cellphones all day, I can state with absolute certainty that anyone who wants to stay off the grid, they buy a burner phone. A cheapy $10.00 gophone is a lot more prefered then signing a 2yr contract. As the cellphone carriers want every bit of info they can get. They also require double verification on all photo ID's. Point is someone looking to be a terrorist, prolly wont be signing a contract for 2yrs.

Leeky Leeky said:

I never said there wouldn't be other reasons, and even mentioned that fact when replying. I'm not stupid, I realise "burn phones" are perfect for this, but my point was it isn't a question of the price that pushes them away, its entirely different reasons. I think you completely missed the point I was making to be honest as most would avoid a mobile at all costs.

cuerdc said:

Yeah phone hacking to the next level its gonna happen so much information stored on them nowadays

Load all comments...

Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.