Small US publisher says it was source of iOS UDIDs

BlueToad makes red-herring of Anonymous’ hacked FBI laptop claim.

BlueToad, a small US digital publisher and iOS app developer has come forward as the source of the million unique device identifiers (UDIDs) that Anonymous claimed was stolen from an FBI agent’s laptop.

“A little more than a week ago, BlueToad was the victim of a criminal cyber-attack, which resulted in the theft of Apple UDIDs from our systems. Shortly thereafter, an unknown group posted these UDIDs on the Internet,” BlueToad CEO and President Paul DeHart said on the company’s blog.

DeHart told <i>NBC News</i> that technicians at the company had downloaded the list of UDIDs released by Anonymous and compared it to its own data. Its analysis found a 98 per cent correlation to the leaked list, all but confirming the list was theirs.

BlueToad cross-checked the UDIDs on the leaked list after David Schuetz, a security researcher from Intrepidus Group, contacted the company and suggested BlueToad could have been the source.

In a Monday blog post Schuetz described identifying BlueToad as the likely source by weeding out frequently repeated UDIDs on the theory that these would belong to a developer.

“They’d naturally test multiple apps for their company, each of which should have a different device token,” wrote Schuetz.

Schuetz had found around 15,000 duplicates amongst the million long list and went on to isolate the “high frequency duplicates”. He found these UDIDs were associated with numerous names, all connected with BlueToad, suggesting that this was the source.

In all Schuetz had identified 19 devices tied to BlueToad, including UDIDs appearing next to the names of key executives of the company, such as the CIO, the CEO and departments within the company. He contacted BlueToad to share his findings.

BlueToad’s DeHart told <i>NBC</i> that his company did not give the UDIDs to the FBI, but that he did not know whether someone else could have given the data to the FBI.

The FBI has previously said there was no evidence the list was taken from its laptops or that it ever had the information.

DeHart said BlueToad did not collect UDIDs anymore, following Apple’s decision to phase out the use of UDIDs.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

More videos

Blog Posts