iMessage security breach

Discussion in 'iOS 5 and earlier' started by DKDMac69, Nov 11, 2011.

  1. DKDMac69 macrumors newbie

    Joined:
    Nov 11, 2011
    #1
    So, this is the situation. Last night my sister and I were texting each other. When all of the sudden a message (inappropriate) was sent from what appeared to be from her iPhone. At first she thought is was from me, but I had immediately texted her back with a "?". She texted "who is this?" and again the "unknown /rogue" texter replied "hahahaha...suck my #@!!'s" I replied. "I will find you..." the rouge testing stopped...(temporarily)
    We immediately called both AT&T tech services and Apple Care Technical Services. Apple told my sister that someone accessed her Apple ID account information and that she should change her Apple ID account info by changing her email address (Apple ID) and password. They assured that this should fix this problem. Also to turn off iMessage (which can be used to communicate over WiFi). Well, guess what...this morning the "rogue texter" texted an inappropriate message to my neices baby sitter, from my sister's account. This is very disturbing. Any one out there have or heard of the same or something similar? Any recommendations as to how to fix this or track who has "hacked" into this account? Thoughts???:confused:
     
  2. Hf44 macrumors member

    Joined:
    Sep 17, 2011
    #2
    if she is connected to a wireless router, make sure its secure, and has a password
     
  3. DKDMac69 thread starter macrumors newbie

    Joined:
    Nov 11, 2011
    #3
    continued....

    NOTE: So, to add to this... the texts that I receive from her are in a blue bubble, from my POV, it looked as if she was texting also from her POV it was in a clear bubble as if she sent the message from her iPhone 4S (we both have iPhone 4S's).

    ----------

    Hey, Thanks for the tip, however...When we were texting we were both in locations w/out our wifi on. Also, we both have very secure wireless setup with very cryptic passwords at our homes.

    One other thing the reason why she recently purchased the 4S is because she lost her iPhone 3GS a couple days ago. This could explain how this rogue texter was able to iMessage with her iPhone. But, he/she was able to iMessage this morning after my sister changed her Apple ID and password.
     
  4. OneMike macrumors 601

    OneMike

    Joined:
    Oct 19, 2005
    #4
    I'm leaning towards the 3GS. Are the iMessages tied to phone number or email?
     
  5. dotme macrumors 6502a

    Joined:
    Oct 18, 2011
    Location:
    Iowa
    #5
    Pay attention to where the text came from. Was it from a Phone Number, or an AppleID/Email?

    If unsure, disassociate the sender's AppleID from Phone Number. For example, on the phone that's receiving these messages, split the sender (your sister's) contact out. Sister iPhone = one contact, with only her phone number. Sister AppleID = separate contact, with only her AppleID info.

    Then see which one the sender is really using when the next message comes in. My money's on the phone number, NOT the AppleID.

    I've seen a few threads like this one. Someone sells their old iPhone, either forgetting to wipe it first, or leaving the SIM in it (even though the SIM is no longer activated) and this sort of thing follows...

    EDIT: - Saw your additional info. Yep, I'm with OneMike. It's the 3GS.
     
  6. DKDMac69 thread starter macrumors newbie

    Joined:
    Nov 11, 2011
    #6
    We are thinking phone number, but could be email b/c the Apple ID is an email address. So whomever hacked her iPhone /iMessage/ computer has both phone number and email.

    Thank you OneMike.
     
  7. dotme macrumors 6502a

    Joined:
    Oct 18, 2011
    Location:
    Iowa
    #7
    I'll just add that this is happening way too much, and it's really on Apple to fix it.

    It's their system that routes iMessages, and to not have a way to cancel/block a device that is stolen from reading/sending iMessages from the phone number it was using before the theft is just ridiculous.

    Your sister should try a remote wipe on the stolen phone. If the issue continues, I'd call Apple and raise a huge stink over it. Not tech support, but Apple customer relations.

    She could always change her phone number, but nobody should have to go though the hassles of changing their phone number due to a misbehaving app.

    I'm not even convinced a remote wipe would fix this. It depends on if the phone can still somehow get the original phone number off the deactivated SIM.

    Eventually, someone at a security firm will investigate and then we'll know.
     
  8. DKDMac69 thread starter macrumors newbie

    Joined:
    Nov 11, 2011
    #8
    Hey Thanks alot. We did stress that they [Apple] to further investigate, they told us it was most likely a breach on her home computer (security). But, said that if their suggested "fix" doesn't work, then they'd escallate this case to their Sr Mgmt *rolling-eyes...* Thanks again...really appreciate your help!
     
  9. Jordan921 macrumors 68040

    Jordan921

    Joined:
    Jul 7, 2010
    Location:
    Bay Area
    #9
    Hope Apple makes a better effort to try to fix this.
     
  10. DKDMac69 thread starter macrumors newbie

    Joined:
    Nov 11, 2011
    #10
    Me too! :rolleyes:
     
  11. rowley macrumors 6502

    rowley

    Joined:
    Dec 16, 2008
    Location:
    London, UK
    #11
    hold on - changing the appleid and password makes a new account - the old account still exists, so anyone using the old account can still send messages to someone who they have already messaged, or alrady have their contacts.

    apple need to delete the old account - making it invalid surely, or am I just getting it wrong here?

    R>
     
  12. VulchR macrumors 68020

    VulchR

    Joined:
    Jun 8, 2009
    Location:
    Scotland
    #12
    @OP: Perhaps you can use Find My iPhone to track down the 3GS. The longer the clown whose texting you from the 3GS stays online, the easier it will be track him/her down. Also, you should be able to do a remote wipe of the 3GS.
     
  13. Mliii macrumors 65816

    Mliii

    Joined:
    Jan 28, 2006
    Location:
    Southern California
    #13
    I had a very similar situation- a rouge texter who sent messages to someone I was not even texting at the time. I didn't even have my phone on when it happened. I have seen a couple of other postings about similar situations, some of which have been blamed on re-sold iPhones, etc. None of that is my case.
    I find this frightening and Apple/AT&T's attitude towards it TOTALLY frustrating and unacceptable. With no other thoughts, it strikes me that is an issue related to iMessage.
     
  14. Ruby110 macrumors newbie

    Joined:
    Mar 8, 2010
    #14
  15. DKDMac69 thread starter macrumors newbie

    Joined:
    Nov 11, 2011
    #15
    Hey Rowley, that's what I asked them. We are not opening a new "account" the account still remains, but changing the Apple ID and password should not allow the "rogue texter/hacker" access to her account, unless he's hacked her personal computer.
     
  16. JZTech101 macrumors member

    JZTech101

    Joined:
    May 15, 2011
    Location:
    East Brunswick, NJ
    #16
  17. Geckotek macrumors G3

    Geckotek

    Joined:
    Jul 22, 2008
    Location:
    NYC
    #17
    So, because the guys posts his story, finds a similar one and posts in there as well, he's a fake? Tell me how that works again? Sorry, no logic in your statement.
     
  18. dotme macrumors 6502a

    Joined:
    Oct 18, 2011
    Location:
    Iowa
    #18
    You're "CEO" of TechCavern and you don't understand this thread? Really?

    Imagine your iPhone is stolen. Snatched out of your hand at a train station, taken at knifepoint, or by some other means.

    You remote wipe the device, then call the carrier and have them deactivate the SIM. You replace your phone, and move on.

    Then you find out that the theif can still send and receive iMessages at your phone number, and you can't do anything about it. The stolen phone has a dead SIM, but your number is still on the SIM. Even if the phone is wiped, and set up as new, it can receive iMessages for the number on the SIM that's installed.

    It seems to me that's what's going on in some cases - and if that's true, it's a big problem. No?
     
  19. Matthew Yohe macrumors 68020

    Joined:
    Oct 12, 2006
    #19
    The title here is a little alarmist. It's not an iMessage security breach, rather a single user's iTunes Account was compromised.
     
  20. Rodimus Prime macrumors G4

    Rodimus Prime

    Joined:
    Oct 9, 2006
    #20

    Just going to point out. AT&T responses is the correct one. They have nothing to do with the iMessage network and Zero control over it. All the can and should do is point you to Apple.

    This is a 100% Apple problem. A simple solution for Apple to put in is for you the user to de-Authorized devices from a log in on your computer. This removes them from being able to send or receive iMessage until reauthorized.

    Apple has created this mess and really not doing much to try to fix it.
     
  21. dotme macrumors 6502a

    Joined:
    Oct 18, 2011
    Location:
    Iowa
    #21
    Well, maybe. But that's not how I read it. This seems to be more about their phone number than their iTunes account...
     
  22. Geckotek macrumors G3

    Geckotek

    Joined:
    Jul 22, 2008
    Location:
    NYC
    #22
    You're both wrong. In another thread the purchaser didn't even have the sim.

    Seems to me like iMessage associates the IMEI with their iTunes account. This association doesn't get wiped when you wipe the phone since it is stored in iCloud.
     
  23. britboyj macrumors 6502a

    Joined:
    Apr 8, 2009
    #23
    So, before you sell a phone, turn OFF iMessage, send some texts or whatever and THEN restore?
     
  24. sjinsjca macrumors 68000

    sjinsjca

    Joined:
    Oct 30, 2008
    #24
    Like Blackberry's Messenger, iMessage datastream is encrypted. See http://www.anandtech.com/show/4956/apple-ios-5-review/3

    This means the WiFi can be open, and the data is still secure.

    So it's not that.
     
  25. rasputinj macrumors regular

    Joined:
    Sep 25, 2007
    #25
    My concern about this thread and another similar was started by people who have just joined the forum. Maybe it is a coincidence maybe not. I do find the thread titles to be alarmist though.
     

Share This Page