Hack Hack Hack Hack It Apart

Goatse Security’s Andrew Auernheimer Found Guilty Of Charges Related to Massive AT&T Hack

When the lulz are over.
ipad 1nb9 460 Goatse Securitys Andrew Auernheimer Found Guilty Of Charges Related to Massive AT&T Hack

Not one of the hacked iPads, we guess.

Goatse Security hacker Andrew Auernheimer, age 26, has been found guilty on federal charges related to downloading the data of over 100,000 iPad owners from AT&T’s website. Wired reports that the jury that heard Mr. Auernheimer’s trial in a New Jersey federal court only took hours to reach a verdict, finding him guilty of identity fraud and conspiring to access a computer without authorization.

Mr. Auernheimer, using the Twitter handle @rabite, tweeted that he knew “there would be a guilty here” and he will appeal.

Mr. Auernheimer and an accomplice, Daniel Spitler, allegedly discovered a hole in AT&T’s website that allowed them to find the email addresses and unique identifying codes for SIM cards that identified users’ iPads on AT&T’s network. Wired reports that’s when they started writing code:

Auernheimer and Spitler discovered that the site would leak email addresses to anyone who provided it with a ICC-ID. So the two wrote a script – which they dubbed the “iPad 3G Account Slurper” — to mimic the behavior of numerous iPads contacting the web site in order to harvest the email addresses of iPad users.

The hackers were able to snag identifying information for some pretty famous iPad users, including Diane Sawyer and New York Mayor Michael Bloomberg.

While Mr. Auernheimer and Mr. Spitler reported the security problem to Gawker and appeared to present themselves as concerned citizens, criminal complaints contained transcripts that seemed to indicate they were really trying to promote themselves and make AT&T look bad by leaking the data. At one point they apparently even discussed the legal risks, with Mr. Auernheimer writing to Mr. Spitler that “you absolutely could get sued to fuck.”

In 2011, Daniel Spitler pleaded guilty for his part in the hack and was released on bail.

Follow Steve Huff via RSS. shuff@observer.com