Wednesday, June 8, 2011

iTunes hack faces swelling complaints, casting shadow on iCloud


Will iCloud be dissipated by the coming storm of hackers?
Numerous users have reported their iTunes accounts were hacked, blaming a Sega app called "Kingdom Conquest" for removing funds, and some users had never downloaded the game. Other apps were blamed for draining accounts too.
Betanews revealed this news a week ago, and dozens ofiTunes users reported their account issues. The same problem has been existent since late 2010, but the number of complains has increased significantly since last May.
Some of the victims had their credit card and payment information removed from their account, indicating Apple's awareness of the attacks and its active efforts in protecting the users.
Apple has not responded to Betanews in confirming the issue, despite numerous reports indicating a widespread hack into iTunes. Apple's silence leaves users to speculate on the severity of the issue. On the other hand, Sega has confirmed its ongoing investigation. "We are currently investigating this claim as well as some others, but since we have no access to any customer's iTunes account information or transaction histories we highly recommend contacting Apple directly," the company said in its online forum.
Users are reporting their problems in posts on Apple's Support Communities website. The thread is titled "iTunes store account hacked." Some posts are shown below:
"This happened to me today. I woke up to several emails telling me about payments from my PayPal account. Upon investigation, I found that a free app called Kingdom Conquest had been "purchased" (quotes because it was a free app) and subsequently several purchases of credits/coins/whatever were made through my iTunes account. They dinged me for about $100 from PayPal and wiped out my iTunes balance as well.
I have filed disputes with PayPal and reported this to Apple. I heard back within an hour from Apple, and they refunded my credit balance. Kudos to them for doing that. I have changed my iTunes password and username. Bizarrely, the hacker (if that's what it was) didn't attempt to lock me out of my account. Thank goodness for that. Be aware, however, that this is ongoing. I was not phished. I have a long, complicated (but not random) password. Still, they got access to my account. Best advice I have outside of disabling your iTunes account is to completely remove any attached credit cards or bank accounts." - Craig Williams
"I also had my account deactivated over the weekend. Apple offered no explanation, but I presume this was an attempt to drain my account again. It took 3 days to recover the account this time, and another round of changing passwords and security questions. Now I have my credits, but I'm not in a buying mood and I missed the holiday sales." -lusid
"There are ways for the hackers to disguise their IPs, etc. but it should be perfectly clear to Apple that the number of reports of fraud related to unauthorized "KindgomConquest" purchases on gift cards show a clear pattern of the system being compromised." - carboncanyon
The success of iCloud in the music industry - where Apple is said to be lagging behind - heavily depends on iTunes, as the new "iTunes in the Cloud beta" software was introduced as a service that allows users to download new music, apps, and buy book on their Apple devices wirelessly, and without syncing. iTunes Match was highlighted by Steve Jobs at WWDC's key note as a service that will scan your computer for music and determine which songs are available in the iTunes store, and adding matched music to the iTunes library.
iTunes' future was bright, and will hopefully remain bright. But Apple will need to calm the swelling complaints from iTunes customers over the hacking storm.
-------------------------------
Wait, this is the same issue that's been going on since last year?  I though Apple was so great at making sure their apps were safe before they hit the store.  It sure it taking them a long time for them to plug this hole.  I have an idea, maybe they should wait for it to happen to someone else, steal the idea and then claim they invented the solution. GO APPLE!

5 comments:

  1. Fear, Uncertainty, Doubt.

    Ed Oswald over at Beta News, where this story originated, got hacked. So he's currently in a fishing attempt to find out what happened.

    What we do know:
    It seems to be related to the Sega Game Kingdom Quest.

    What we don't know.
    What sort of computer Ed uses.
    Was he part of the Sony Accounts that got hacked and is lazy with his passwords?

    Actually, having gone to Beta news and read his original report from June 1st it looks very similar to a phishing attack from a few years ago. The current thread on Apple's discussion board dates it back to June 3rd, 2010. So nothing new here.

    You get an email from "Paypal" saying that you have purchased lots of stuff on iTunes, so you log into the account using the links provided...

    Looks like someone took exception to Apple touting they had 225 million credit cards on file.

    I have also seen a ton of articles complaining how Apple are bragging about their sales and people are going for them.

    Will do some more research and post an update here.

    ReplyDelete
  2. Breaking News!...

    Anything bad that happens to anyone who has ever had exposure to any of Apple technology leads to conclusion that Apple was exclusively and maliciously at fault. Haters rejoice that their suspicions have been confirmed that Apple is the cause of all the world's problems.

    ReplyDelete
  3. NOW you're getting it. I know you are just being sarcastic but there's usually some truth in jest. You probably feel that way at least a little. It's OK tho, I won't tell anyone.

    ReplyDelete
  4. Oh, the irony of posting such a comment anonymously.

    ReplyDelete
  5. You know, I used to be a Mac user but I switched about 2 years ago. I switched, initially, because of price. I run a small business and wanted/needed to upgrade and getting all new Apple equipment would've killed me. I went PC (most of my employees were thrilled). I'll tell ya my office runs just as well on Windows and I saved a bundle. I have found that there are more options out there for software including some freeware options. We haven't gotten any viruses or even had one crash (I swear it). Even my Macbook locked up once in a while. I am glad to now have all Windows7 machines and I won't switch back.

    ReplyDelete