A member of the group of hackers credited with uncovering more than 100,000 iPad users’ e-mail addresses on AT&T’s website worked hard to get the story covered by the media, according to recently unsealed court documents.
After the Goatse Security hacking group found a way to make AT&T’s website return the e-mail addresses of iPad users, Andrew Auernheimer apparently wanted the news to hit big, according to a sworn affidavit by Christian Schorle, a special agent with the U.S. Federal Bureau of Investigation.
The 114,000 e-mail addresses comprised a giant virtual Rolodex that included contact information for some major players in the media world. It was a tool Auernheimer seemed ready to use.
Three days before Gawker Media broke the story, Auernheimer pitched it to Arthur Siskind, a member of News Corp.’s board of directors, and “various executives at Thomson Reuters,” Schorle said in the affidavit, dated June 14.
Auernheimer allegedly sent executives at News Corp. and Thomson Reuters unique identifying numbers he had pulled from the AT&T website, known as ICC-ID (Integrated Circuit Card Identifier) numbers, a move that would have proved he was really in possession of the data.
“An information leak on AT&T’s network allows severe privacy violations to iPad 3G,” he wrote in a June 6 e-mail to Siskind, cited in the affidavit. “Your iPad’s unique network identifier was pulled straight out of AT&T’s database.”
Auernheimer “then provided Mr. Siskind with Mr. Siskind’s ICC-ID and wrote: ‘We have collected many such identifiers for members of the media and major tech companies… If a journalist in your organization would like to discuss this particular issue with us … I would be absolutely happy to describe the method of theft in more detail,'” Schorle said.
Both e-mails were sent “at a time when, according to AT&T’s internal investigation, the breach was still ongoing,” Schorle said.
The details could prove to be significant if charges are brought against Auernheimer. If federal investigators believe he sought to profit from the unauthorized access to AT&T’s servers, they could charge him with breaking federal computer crime laws, said E.J. Hilbert, a retired FBI agent who investigated computer crimes for the agency.
The FBI has been following Auernheimer for nearly a decade now. “Since at least in or about April 2001, Auernheimer has been known to the FBI as a computer hacker and self-proclaimed Internet ‘troll,'” Schorle said. Troll is Internet-speak for someone who behaves in an annoying or destructive way toward others.
In a June 10 interview with Cnet, Auernheimer said he went public with the hack to help the public, but Schorle wrote that, given Auernheimer’s history of disruptive trolling, this claim is simply not credible. Auernheimer was profiled in an August 2008 New York Times story that described him as “legendary among trolls.”
“He is said to have jammed the cellphones of daughters of CEOs and demanded ransom from their fathers; he is also said to have trashed his enemies’ credit ratings,” the Times wrote.
The FBI raided Auernheimer’s home in Fayetteville, Arkansas, a few days after the leak. After agents allegedly found drugs during the raid, Auernheimer was charged by local authorities in Fayetteville for felony possession of cocaine, LSD, ecstasy and oxycodone. He’s due in court Thursday to face those charges. The search warrant affidavit was unsealed two weeks ago at the request of the Prosecutor’s Office in Washington County, which encompasses Fayetteville.
Auernheimer knows how to freeze out the media, too. In an obscenity-filled June e-mail, he said he would no longer communicate with IDG News Service because of an April 2009 story that cast doubt on his claims that he had hacked Amazon.com. Since then he has not responded to e-mails seeking comment.
If federal charges are brought against Auernheimer, they are expected to come out of the U.S. Attorney’s Office for the District of New Jersey. Auernheimer has already gone public with a colorful critique of the federal investigation, however, addressed to New Jersey Assistant U.S. Attorney Lee Vartan.
“At Goatse, we do not have a large advertising budget like the DoJ and FBI; our publicity comes from citizen recognition of national stewardship and skillful work,” he wrote in the Nov. 18 note. “I hope that you don’t see this as competition to your own great work in the area, but allow me to communicate that I believe that we could both do better.”
Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert’s e-mail address is firstname.lastname@example.org