Become a MacRumors Supporter for $25/year with no ads, private forums, and more!

More iTunes Accounts Compromised by App Store Developer?

MacRumors

macrumors bot
Original poster
Apr 12, 2001
50,386
11,759
https://www.macrumors.com/images/macrumorsthreadlogodarkd.png




Arstechnica reports on at least one other iTunes user who also claims to have been the victim of fraudulent App Store charges, possibly by a developer.
Ars reader Harper Reed contacted us to detail the problem. His account was used earlier today to purchase 34 of WiiSHii Network's apps without his permission, for a total of $168.89. The apps appear to mostly be travel guides for cities in China, and come in both English and Chinese versions—oddly enough, Reed ostensibly bought both.
Coincident with this activity which occurred today, WiiSHii's apps are also rising in the travel section suggesting that Reed's account may not have been the only one compromised.

The news comes soon after another report of similar fraudulent activity for another developer. In that case, Apple shut down that developer's account, reported that only 400 accounts were affected and denied that there was any compromise of Apple's iTunes servers themselves. Analysts had speculated that phishing had been the source of the account information:
"Standard phishing attacks," said Sullivan when asked to speculate on the most likely way Nguyen obtained access to the iTunes accounts. "That's much more likely than someone hacking the accounts or Apple's database," he added.
According to F-Secure's data, approximately 20% of online users use the same password across multiple accounts, so if that one password is stolen, it opens up access to all of those user's accounts. In this instance, Reed's password was apparently not an easily guessable word, but there was no indication if he used his password elsewhere on the internet.

According to one forum report, stolen iTunes account information is readily available for sale through certain Chinese web sites. If true, this means that the individuals actually stealing the accounts and those using them might not be the same. Based on the single data point, it's also impossible to say for sure the developer was behind the attacks, though they had the most to benefit. That said, it seems unlikely they will benefit from their efforts as Apple will almost certainly shut down their account if they are responsible.

Article Link: More iTunes Accounts Compromised by App Store Developer?
 

arn

macrumors god
Staff member
Apr 9, 2001
15,498
3,966
Seems counter productive, from a developer's POV.

ya, stupid really. also could open up the possibilty of competitors doing this to other developers to try to take them out.

arn
 
Comment

ValSalva

macrumors 68040
Jun 26, 2009
3,746
201
Burpelson AFB
Just basic computing here. You need to be able to identify phishing sites/emails and use unique and strong passwords.
 
Comment

Brien

macrumors 68040
Aug 11, 2008
3,257
956
ya, stupid really. also could open up the possibilty of competitors doing this to other developers to try to take them out.

arn

Totally agree. No different than Facebook "hacking" either.
 
Comment

Saladinos

macrumors 68000
Feb 26, 2008
1,845
0
Apple needs to get on top of this ASAP. My mum just bought an iPhone, and she's still pretty novice at it. She's a prime target for this kind of attack.

She's not unique in that, either. If this isn't fixed, Apple's reputation is going to drown. Most iPhone users love their device, but not when you can't trust Apple's supposedly secure AppStore.
 
Comment

charlituna

macrumors G3
Jun 11, 2008
9,632
815
Los Angeles, CA
Seems counter productive, from a developer's POV.

That and that it was done two out of two weeks makes me wonder if it's not the developer but someone that is trying to get them booted off. possibly both times or this time someone is copycatting knowing that Apple would boot off the developer etc.

And how many of those 400-500 folks actually changed their passwords. I bet not all of them. Add in a few new hits on phishing and such and it would be easy to pull a repeat

Apple needs to get on top of this ASAP.

these aren't brute force attacks on their servers and all the instruction in the world won't stop folks from using 'music' as a password or posting the name of that dog on the facebook account that is linked to the same email

My mum just bought an iPhone, and she's still pretty novice at it. She's a prime target for this kind of attack.

What kind of son doesn't teach her. Or just have her use itunes gift cards and not a credit card so that at the most, someone would get $10-15

My grandfather just started using a computer and the first thing I taught him was that the Internet is like the Wild West, it looks civilized most of the time but at any moment someone could shoot you in the back (he loves westerns so he got the reference) so caution is always in order.
 
Comment

lomafor

macrumors member
Apr 29, 2010
38
0
Apple needs to get on top of this ASAP. My mum just bought an iPhone, and she's still pretty novice at it. She's a prime target for this kind of attack.

She's not unique in that, either. If this isn't fixed, Apple's reputation is going to drown. Most iPhone users love their device, but not when you can't trust Apple's supposedly secure AppStore.

Hello? I don't think you understand what is going on.

There is nothing wrong with AppStore's security in those cases. It is just like your credit card number being stolen and use to make purchase at a store, it is not the store's problem and you should just contact credit card company to investigate.

You shouldn't have lost your info to someone in the first place.
 
Comment

macfan881

macrumors 68020
Feb 22, 2006
2,345
0
do you still need to have a C Card to make a itunes account? if not id say just use gift cards..
 
Comment

kainjow

Moderator emeritus
Jun 15, 2000
7,958
6
It's not that hard to prevent this from happening. Just go to http://www.protect_my_itunes.com, log-in with your iTunes account and follow the instructions!



:p
 
Comment

Orion27

macrumors member
Feb 23, 2003
49
0
I have received several invoices with my email address on the invoice but nothing else relating to me. In French!
 

Attachments

  • iTunes.jpg
    iTunes.jpg
    104.2 KB · Views: 173
Comment

ShiftyPig

macrumors 6502a
Aug 24, 2008
567
0
AU
If you get phished, having a unique and strong password doesn't really help you...

Exactly.

I'm struggling to see how this is "news" as it isn't in any way surprising that a service counting tens of millions of users is the target of phishing efforts. I'd be shocked if nobody in the world was trying to phish iTunes account info.
 
Comment

errin

macrumors member
Feb 7, 2007
56
64
This is mine. Though I'm the one who paid for them but why did I've been charged twice?

 
Comment

Wurm5150

macrumors regular
Apr 28, 2010
161
27
Educate your mum...

Apple needs to get on top of this ASAP. My mum just bought an iPhone, and she's still pretty novice at it. She's a prime target for this kind of attack.

She's not unique in that, either. If this isn't fixed, Apple's reputation is going to drown. Most iPhone users love their device, but not when you can't trust Apple's supposedly secure AppStore.

You should educate your mum on phishing, being careful on going to suspect sites and emails...
 
Comment

cwaddell2002

macrumors member
Jun 21, 2005
80
0
Raleigh, NC
Got Hacked

FWIW, my account got hacked about 6 months ago, and I didn't get phished - also my account password was moderately robust... a word followed by a number combination...

After a good fight with my cc company, I got the $250 in charges reversed, and now have a combination of random letters, symbols, and numbers as my password. I will say that while the problem may not be widespread, there is some brute force attacking going on, or apples servers are getting hacked. Now that said, it would seem there are a couple of things they could do to beef up said security, such as allowing a user to identify a country of origin for their account, or even a series of MAC addresses from which to restrict access... that would probably be a lot of work, and too complex for most users to figure out though, and the problem may not be widespread enough to justify it...

Regardless, I was made whole by my cc company so no big deal - just a hassle...
 
Comment

jstoltz

macrumors newbie
Jul 9, 2010
2
0
Apple could make this more difficult for hackers by making it easier for users to make purchases without storing their credit card information.
 
Comment

hobo.hopkins

macrumors 6502a
Jul 30, 2008
568
0
I will say that while the problem may not be widespread, there is some brute force attacking going on, or apples servers are getting hacked.

I highly doubt that Apple's servers are being hacked; if Apple's servers had been hacked the issue would be far more widespread and have considerably further-reaching implications.

Apple could make this more difficult for hackers by making it easier for users to make purchases without storing their credit card information.

I don't think they would stop storing credit card information. More people would complain about the hassles of having to re-enter information than would appreciate the added security. Myself included.
 
Comment

alphaod

Contributor
Feb 9, 2008
22,177
1,231
NYC
Damn now I'm even checking my own account.

Looks good so far *knock on wood*

This is mine. Though I'm the one who paid for them but why did I've been charged twice?


Pretty sure you can get one of those refunded.
 
Comment

iPoodOverZune

macrumors regular
Jan 13, 2007
235
0
LOST
jailbroken phones/touches

Actually, one of the things that I wanna point out here to all, since we are talking about hacked iTunes account, is the usage of jailbroken/unlocked iPhones/iTouches. The j/l broken phones/touches, if not secured by changing the default passwords (alpine), are the easiest targets to exploit by openSSH, to access your iTunes password.

I suspect many of these hacked accounts available for sale are/may be obtained via this process.
 
Comment

nagromme

macrumors G5
May 2, 2002
12,546
1,196
Talking about is as your account being “compromised BY developer” is misleading.

It’s probably more like “developer pays for promotion by some shady company who has used phishing scams, Windows spyware and the like to trick people into revealing all kinds of passwords, including iTunes passwords."
 
Comment

skeebers

macrumors member
Jun 11, 2009
54
0
Yep..you hit the nail on the head.. Jail broken phones downloading apps with who knows what imbedded in it....
 
Comment

mlmathews

macrumors member
Jun 23, 2009
49
0
My grandfather just started using a computer and the first thing I taught him was that the Internet is like the Wild West, it looks civilized most of the time but at any moment someone could shoot you in the back (he loves westerns so he got the reference) so caution is always in order.

Most likely, your teaching did little good. I've been trying to teach various family members how to protect themselves for many years, but find that it's almost impossible to succeed because most non-technical people lack the instincts to make the judgments on what is and is not safe. Just last week I reminded my mom to be careful about opening email attachments and not 5 minutes later she was wanting to show me some video attachment that had just been forwarded to her.
 
Comment
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.