iPad Hackers Charged by Federal Prosecutors

January 19, 2011 -

ABC News reports that two men have been charged with hacking AT&T's servers and stealing the private information of nearly 120,000 iPad users including such notables as Hollywood heavyweight Harvey Weinstein, New York Mayor Michael Bloomberg, and President Obama's former chief of staff Rahm Emanuel. Some have called the men "Internet trolls" because of the way they allegedly bragged about it online. The security breach occurred during the initial release of Apple's iPad, according to court documents.

The two are 26-year-old Daniel Spitler of San Francisco, and 25-year-old Andrew Auernheimer of Fayetteville, Ark. Both received a charge of fraud and conspiracy to access a computer without authorization. The charges were announced by the U.S. prosecutors office in Newark, N.J.

According to the complaint filed by the FBI in Newark this week, Spitler and Auernheimer allegedly used a "brute force hack tactic" over the course of several days on AT&T servers. After breaching security, the duo uncovered email addresses related to 120,000 iPad accounts.

After the attack, Gawker.com was allegedly supplied with information obtained during the hack from the group Goatse Security, described in the complaint as a "loose association of internet hackers" that Spitler and Auernheimer were allegedly associated with.

The court papers cite that Gawker report. Around 120,000 emails were captured including notable personalities and politicians such as Bloomberg, Weinstein, Rahm Emanuel, ABC News anchor Diane Sawyer, and several Department of Defense employees.

Auernheimer and Spitler also allegedly talked about the hack in chat logs, which were given to the FBI. The FBI says that Auernheimer also took credit for the attack in an email he sent to the U.S. Attorney's office in New Jersey in November.

"AT&T needs to be held accountable for their insecure infrastructure as a public utility and we must defend the rights of consumers, over the rights of shareholders," he wrote, according to the complaint.

While Auernheimer claimed to do this in the name of exposing a security flaw to AT&T to protect iPad users, the FBI isn't buying that explanation: they see it purely as a crime done simply for thrills or notoriety:

"Hacking is not a competitive sport, and security breaches are not a game. Companies that are hacked can suffer significant losses, and their customers made vulnerable to other crimes, privacy violations, and unwanted contact," U.S. Attorney Paul J. Fishman tells ABC News.

"Unauthorized intrusions into personal privacy adversely affect individual citizens, businesses, and even national security," said Michael Ward, special agent in charge of the FBI's Newark field office. "Such intrusion cases, regardless of the motive is criminal gain or prestige among peers in the cyber-hacking world, must and will be aggressively pursued to ensure these rights are protected to the highest degree."

The ABC News report also points to a 2008 interview that Auernheimer did with the New York Times:

"I hack, I ruin, I make piles of money. I make people afraid for their lives," he said to the Times.

The FBI also claims that the men wanted to make money off the stolen data.. in the stock market. During one online conversation between the two, they discussed holding off on announcing the security breach so they could "short AT&T stock."

The logs, which were handed over to the FBI by an anonymous source last summer, are part of the court documents filed this week, according to Computer World. Spitler surrendered to the FBI in Newark on Tuesday and is scheduled to appear in federal court. Auernheimer is scheduled to appear in federal court in Fayetteville. Neither men have entered a plea.

Source: ABC News

 


Comments

Re: iPad Hackers Charged by Federal Prosecutors

Re: iPad Hackers Charged by Federal Prosecutors

So, bragging = trolling somehow?

 
Forgot your password?
Username :
Password :

Poll

Will an M rating hurt Batman: Arkham Knight's sales?:

Shout box

You're not permitted to post shouts.
Craig R.Net Neutrality: let the lawsuits begin! (Which were going to be filed if the FCC moved to even so much as corrected a typo in their previous rulemakings)02/26/2015 - 6:59pm
Matthew WilsonThis is a interesting long form article about xbox live since halo 2. http://www.polygon.com/a/the-second-generation-of-xbox-live/page-102/26/2015 - 6:01pm
ConsterJust take pride in joining the group of net neutrality nations, even if it's only temporarily.02/26/2015 - 1:24pm
Matthew Wilsonfcc passed net neutrality. now lets hope they dont screw up the details. ps I am not holding my breath on that one.02/26/2015 - 1:03pm
ZippyDSMleeIf I could stand blizz I would do what I do in Facebook and use zippy, they can screw off if they do not like it.02/26/2015 - 9:31am
Michael ChandraAh. Now THIS is a good reason to not want to enable RealID: Anyone with your email can try adding you as a friend, leading to complications if they find out you're using it but declining their request.02/26/2015 - 5:15am
Michael Chandra(Also, why the hell would you not announce this?? Now people think they got a bug.)02/26/2015 - 5:11am
Michael ChandraThe only argument against the second that I've read so far is 'I'm afraid I'd accidentally RealID instead of BattleTag someone'. How secure are the RealID databases anyway?02/26/2015 - 5:10am
Michael ChandraIt's a silly argument detracting from the two main issues: Is this safe (so RealID only enabled but not given out through twitter in any way) and is it problematic to force people to 'use' RealID without actually sharing it with others?02/26/2015 - 5:10am
Michael ChandraGot to love how people immediately bring up 'yeah I don't see a problem with using my real name, it's not as if people can find me with it'. Maybe not you, but that doesn't mean others cannot be found.02/26/2015 - 5:08am
Michael ChandraSo apparently it's because they wanted to tie it to Parental Controls and didn't want to make a separate parental control for it due to that taking effort.02/26/2015 - 5:03am
ZippyDSMleeWhy do they have billing account name and user name confused? Never understood that....02/26/2015 - 3:29am
Matthew Wilsonhttp://www.bloomberg.com/news/articles/2015-02-25/google-s-computers-learn-to-play-video-games-by-themselves that is fairly impressive.02/25/2015 - 9:21pm
MechaCrashA universal ID among all of your characters across all games is a good idea. Making it use your real name instead of a screen name of your choosing is a horrible idea.02/25/2015 - 5:45pm
Michael ChandraThey also said posting on the forums was optional. To be honest, I really do NOT get why you'd introduce a new feature, brag about it and then secretly put a lock on it.02/25/2015 - 4:52pm
InfophileTwitter integration is a lot more optional than the forums (which was the last place they tried to enforce real names). So I don't see the backlash being as strong this time, especially since they aren't adding the requirement to an existing service02/25/2015 - 12:59pm
Michael ChandraIn the Real ID info, it's an optional thing for friends. Enforcing its usage for tweeting seems rather unnecessary.02/25/2015 - 12:14pm
ZippyDSMleenothing like a a few crashes inbetween moveing 400gb of data....02/25/2015 - 12:09pm
Michael ChandraOkay, so Blizzard's memory officially only goes back four years, as they cannot remember the backlash last time they tried forcing people to use their real names.02/25/2015 - 12:09pm
IvresseOnly context I can provide at the moment is the response from Blizz customer service: https://twitter.com/BlizzardCSEU_EN/status/57060293549676544402/25/2015 - 11:31am
 

Be Heard - Contact Your Politician