The conclusion for hackers stole 114,000 iPad accounts

Eventually the culprit of the AT&T cyberattack also bowed to the guilty plea after being arrested earlier this year, claiming ways to take away 114,000 iPad users' accounts.

The conclusion for hackers stole 114,000 iPad accounts Picture 1
Daniel Spitlert created script code capable of 'harvesting' the ICC-ID of AT&T 3G iPad users. Photo: internet

From June to September 2010, two young people, Andrew Auerheimer and Daniel Spitlert, broke into AT & T's management system and took away 114,000 iPad users' 3G accounts, including those of famous figures. and government officials.

In early 2011, both hackers were arrested by US police. So far, Daniel Spitlert - one of two suspects - has acknowledged his behavior. At the same time, this hacker also confirmed himself to be a member of the Goatse Security organization. The number of emails retrieved from AT&T was transferred to Gawker and quickly spread on the internet.

The duo Daniel - Andrew attacked AT&T 's administration system through a browser vulnerability with a self - created script code called "iPad 3G slurper account" capable of identifying the ICC - ID number (of a circuit type). integrated on the iPad user identification cards). Daniel's testimony exactly coincided with what the US judicial department had acquired through the chat between Daniel and Andrew.

The conclusion for hackers stole 114,000 iPad accounts Picture 2
Daniel brags to his colleague Andrew that he has created a script that can get AT & T's 3G iPad user information - Photo: US Justice Department

At the time of the incident, the Goatse group announced that they were just trying to help AT&T see the security of their site. They discovered how to break into AT & T's website management system and access the email address source with the iPad ID of the carrier's 3G network service user.

It is expected that Daniel Spitlert will face a sentence of up to 10 years in prison with a $ 500,000 fine for unauthorized access and identity theft. The sentence will be enforced immediately after the final trial in Newwark federal court, New Jersey, on September 28. And Andrew, with Daniel, is still facing private trials.