App Store and iTunes Accounts Hacked
Over the weekend a number of publications received tips from readers about their iTunes account being hacked. According to Engadget and The Next Web, some users saw hundreds of dollars spent on Vietnamese ebooks.
The hacking is said to be the result of one developer trying to 'game the system' to bring his applications to more prominent positions in the App Store. Engadget yesterday afternoon reported that 42 of the top 50 books by revenue are from the seller Thuat Nguyen, whose company website ("mycompany") leads to parked site www.home.com. A lot of the books were released in April and have no customer ratings or reviews.
The books have since disappeared from the App Store suggesting Apple smelled a rat and moved quickly to remove the offending applications.
The Next Web claims these hackings are more widespread than one developer. TNW reports that countless iTunes users have had their accounts compromised and the apps purchased were not exclusive to Thuat Nguyen.
*Image via Engadget
- Shutdown Timer Provides Better Auto Shutdowns
- Any Video Converter Coverts Videos in Bulk
- Desktop Earth: Real-Time Satellite Wallpapers
- Artist Creates Portraits With iPad Brushes App
- Yet Another Droid Incredible Battery Life Fix
- Lots of People Suing Apple for iPhone 4 Reception
- Robot Garbage Man Only Comes When Called
- Fix Your iPhone 4 Reception Woes for a Dollar
- Verizon Gives HTC Incredible Customers $25
- Man Fries iPhone With Giant Magnifying Glass
- Man With Hitler Speech as Ringtone Faces Jailtime
- Apple Wants Engineers for iPhone Antenna Design
- QMobile Now Supports iOS Streaming from NAS
- Here are the Top Apps for Your Mobile Platform
- Kiosks: The Virus Source You're Unaware Of
- The Perfect Mix of Google and Business Cards
- Multi-Layer Display Projects on Water Streams
- The Canon Wonder Camera Concept
- Strap-On Wheels Move Wearer at 10mph
This is blasphemy! Apple/iTunes users are Gods! They can't be hacked!
/sarcasm
no no media lies. All apple products are totally safe.
Sucks for those hacked when they try to get their money back.
iTunes support: "All iTunes purchases are ineligible for refunds."
Happened to me when somehow I got a receipt for purchasing the same exact song 15 times. Hope you enjoy that extra cup of coffee you purchased Steve.
What a twat.
Was iTunes actually hacked here or just idiot users with bad passwords / keyloggers.
Sucks for those hacked when they try to get their money back.iTunes support: "All iTunes purchases are ineligible for refunds."Happened to me when somehow I got a receipt for purchasing the same exact song 15 times. Hope you enjoy that extra cup of coffee you purchased Steve.
what??? how can you buy THE SAME song 15 times?? surely its like steam and once u've bought a song it's yours forever?? please?? I mean, I hate itunes and haven't used it, but for all the pain it brings, surely it could do that??
I can hear the support calls made to Apple now..
"Hi, my account was hacked and the person bought 400 copies of the same $15 app. I'd like to get a refund please"
'Sorry, according to our T&C's we can't refund legitimate purchases. I hope you enjoy your $6000 app.'
Don't you guys get it, your account being hacked is not an issue, its a "feature".
To be fair, this isn't really big news. Itunes accounts get hacked every now and again just like any other online purchase company. The only reason this has suddenly become news is that some developer used a few hacked accounts (if you consider weak password guessing 'hacking') to buy their badly coded software. Most news sites have blown this wildly out of proportion though.
The "All iTunes purchases are ineligible for refunds." thing also only applies to people wanting money back for songs they decide they don't want. In cases of account hacks or children accidentally buying $5000 applications, however, Apple has issued refunds. In this regard they are no different than any other purchased downloads company.
Talked to the hackers. Told them to stop. Not a big deal.
Steve
Sent from my iPhone
Apple should suggest to their users not to use "JobsIsGod" as a password.
Cheers! XD!
...And yet another reason not to upgrade to the Iphone 4! DELL STREAK FTW.
Obviously if you were hacked you must have been holding it wrong.
I wonder if a $30 bumper would fix the problem?
I wonder if a $30 bumper would fix the problem?
I lol'd at this!
That guy who did the hack is more god than steve jobs
no no media lies. All apple products are totally safe.
Right, you should use Microsoft products instead. Nobody hacks those.
What a twat.Was iTunes actually hacked here or just idiot users with bad passwords / keyloggers.
I haven't seen an article on this which makes the compromise clear. It could have been credit cards and not even accounts hacked since all of the reports of charges didn't say "itunes account" but rather "bank account" when talking about money.
It would certainly be nice to know if this was a rogue app on an iPhone / iPad that caused the transactions or a Win/Mac keylogger grabbing passwords. Rogue app would be more of a Apple specific hack and not just using Apple for credit card transactions that banks will trust.
Right, you should use Microsoft products instead. Nobody hacks those.
But the bigger point is how Apple talks about how "safe" their products are compared to MS products. Remember the whole Mac vs PC commercials? Everyone gets hacked. The irony here is that it is Apple.
Apple talks about how "safe" their products are compared to MS products.
We don't know yet if this was a hack of one of the iDevices (iPad, iPod or iPhone) where a rogue app was used to gain access to the account or account details (user/pass stealing).
It could just as easily been a Windows PC virus distributed keylogger or email phishing campaign. How the accounts were compromised is the most important piece of this news and so far it's still unknown.
The iTunes account info is protected by email address/username and password combination. This is a standard security method but is very weak and susceptible to exposure.
what??? how can you buy THE SAME song 15 times?? surely its like steam and once u've bought a song it's yours forever?? please?? I mean, I hate itunes and haven't used it, but for all the pain it brings, surely it could do that??
I'm not sure if it was fixed, but you could keep hitting "Buy Song" and it would charge your credit card over and over.
At least I got 2% of it back, thanks American Express.
So what was the hackers app called "iHackedu"?
I'm not sure if it was fixed, but you could keep hitting "Buy Song" and it would charge your credit card over and over.At least I got 2% of it back, thanks American Express.
You could have just told your credit card company that you didn't but the songs and they should give you the money back. That's why I use my credit card when I make purchases online.
haha Owned again. Fail MAC !!!
Still they won't let go.
Kudos to whoever did this!
You could have just told your credit card company that you didn't but the songs and they should give you the money back. That's why I use my credit card when I make purchases online.
for sure, it is credit card fraud.
I created my itunes account with a credit card i cancelled... account still works but nothing can ever be charged. Torrents = free.
what??? how can you buy THE SAME song 15 times?? surely its like steam and once u've bought a song it's yours forever?? please?? I mean, I hate itunes and haven't used it, but for all the pain it brings, surely it could do that??
Seriously, think about this. "I hate iTunes but have never used it". Your just "acting" stupid right?
We don't know yet if this was a hack of one of the iDevices (iPad, iPod or iPhone) where a rogue app was used to gain access to the account or account details (user/pass stealing).It could just as easily been a Windows PC virus distributed keylogger or email phishing campaign. How the accounts were compromised is the most important piece of this news and so far it's still unknown.The iTunes account info is protected by email address/username and password combination. This is a standard security method but is very weak and susceptible to exposure.
True but again, Apple has always tried to keep this whole "hacking" and "virus" stuff to the MS world and yet here they are, dealing with the same issues. It's not a slam of their products, just their mentality.
Apple has always tried to keep this whole "hacking" and "virus" stuff to the MS world
The most important piece of information is where the vulnerability exists. If this was phishing then it's really "nothing new" on the security front. If it was a problem with iTunes/App Store authentication then it's a really big problem limited to Apple.
Without knowing where security was compromised we only know the end result. Some people were charged for products which they didn't wish to purchase. The fact it was Apple has little bearing until we know what was actually compromised.
This isn't even on the scale of the iPad 3G emails being exposed by AT&T's website... yet.
To: All Apple Employees:
From: Capt. Stevo
Re: iTunes hacked and customer bank info compromised.
1. Tell the customer their password was not secure.
2. Tell the customer that Apple takes their complaint super seriously.
3. If the customer tells you that iTunes itself was hacked deny, deny, deny.
4. Remind the customer that using iTunes makes you hip and cool.
5. Whatever you do, do not agree to give the customer any refund or free products! (Or you will be terminated.)
hahahahaha!!!!!!