l****g 发帖数: 761 | 1 http://www.telegraph.co.uk/technology/apple/9519738/One-million
he group AntiSec also claims to have access to more than 12 million other
IDs, which it has not released, as well as account holders' personal
information.
The personal information is said to include user names, device names,
telephone numbers and addresses.
According to experts this information could be handed to spammers and
potentially used to infect computers and steal credit card details.
In a statement published online the group said that it had published the
information to bring attention to the FBI apparently using the details to
track Americans.
While the personal information has not been releaseed, the hackers claim
that a significant number of users will be able to search for their device,
using their Apple device ID.
The statement said that the laptop "was breached using the
AtomicReferenceArray vulnerability on Java. During the shell session some
files were downloaded from his Desktop folder."
"One of them with the name of ”NCFTA_iOS_devices_intel.csv” turned to be a
list of 12,367,232 Apple iOS devices including Unique Device Identifiers (
UDID), user names, name of device, type of device, Apple Push Notification
Service tokens, zipcodes, cellphone numbers, addresses, etc."
Graham Cluley, a computer security expert at Sophos said that the hackers
may have chosen not to release personal information, to make it more
valuable to criminals.
"That is obviously information that has a real value. It could be abused in
several ways. By publicising the Apple ID details what they are doing is
saying we have got all this data- we can prove that we have got it and Apple
can test whether these device numbers are correct or not.
"They probably either want to exploit [the details] themselves or they might
for instance want to sell it on the computer underground to spammers who
can send a targeted campaign to those email addresses."
"Maybe it would be claiming to come from Apple, maybe it would contain
malicious links or be designed to infect people's computers and potentially
steal information such as credit card details "
AntiSec, or the Anti Security Movement, is opposed to the computer security
industry. Experts say that hacking is a worldwide problem and has become
much more visible in the last couple of years, because of the rise of so-
called 'hacktivism'
This mixture of hacking and activism is designed to discredit and embarrass
large scale organisations.
AntiSec said it will not provide further statements until a photo of a
writer at a US-based gossip website is featured on the site's front page
dressed in a tutu. Adrian Chen is a writer at Gawker who has criticised
hacking groups in the past.
Apple declined to comment. |
|