Free Republic

App Store, Hacked. (Updated: iTunes Accounts too.)
The Next Web ^ | July 4th, 2010 | Zee

Posted on 07/04/2010 7:02:00 PM PDT by PugetSoundSoldier

Two iPhone App developers have spotted what appears to be a hacking of the App store rankings by a rogue developer. The rankings in the books category of the US iTunes store feature 40 out of 50 apps by the same app developer, Thuat Nguyen.

What’s more concerning is that it seems individuals’ iTunes accounts have been hacked to make mass purchases of that one developer’s apps.

(Excerpt) Read more at thenextweb.com ...


TOPICS: Computers/Internet
KEYWORDS: apple; apps; ilovebillgates; iphone; iwanthim; iwanthimbad; microsoftfanboys; secure
Check your iTunes account - the App Store's been compromised, you may be paying for someone else to get all the apps they want.
1 posted on 07/04/2010 7:02:03 PM PDT by PugetSoundSoldier
[ Post Reply | Private Reply | View Replies]

To: PugetSoundSoldier

Thanks for the info!


2 posted on 07/04/2010 7:03:29 PM PDT by Randy Larsen ( BTW, If I offend you! Please let me know, I may want to offend you again!(FR #1690))
[ Post Reply | Private Reply | To 1 | View Replies]

To: for-q-clinton; TomServo; driftdiver; Swordmaker

Apparently the walled garden has been breached... And people are getting nailed for hundreds of dollars of app downloads.


3 posted on 07/04/2010 7:04:07 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

ping


4 posted on 07/04/2010 7:04:25 PM PDT by Keith in Iowa
[ Post Reply | Private Reply | To 1 | View Replies]

To: PugetSoundSoldier

You evil hater


5 posted on 07/04/2010 7:08:29 PM PDT by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: driftdiver; Swordmaker

Sorry, that’s GD EVIL, LYING, FUD SPREADING SINNER AGAINST APPLE to you...;)

At least I pinged Swordmaker so he can come here and tell me that I’m a liar, it’s all FUD and there is no problem. And not complain for some reason that a thread that dealt with Apple was not given to him immediately (although I don’t know the problem about that)...


6 posted on 07/04/2010 7:10:49 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Randy Larsen

You’re welcome!


7 posted on 07/04/2010 7:11:41 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 2 | View Replies]

To: PugetSoundSoldier

Thankfully I have no credit card on file with Itunes..learned my lesson a few years ago when I had my Visa in Itunes, someone was able to steal it and made about 200 bucks worth of purchases for apps and cheesy movies


8 posted on 07/04/2010 7:12:52 PM PDT by Sarah Barracuda
[ Post Reply | Private Reply | To 1 | View Replies]

To: Sarah Barracuda

So you’re saying this isn’t a new problem?


9 posted on 07/04/2010 7:14:02 PM PDT by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 8 | View Replies]

To: PugetSoundSoldier

This is why I only keep about twenty bucks in my PayPal account. :)


10 posted on 07/04/2010 7:14:02 PM PDT by MarineBrat (Better dead than red!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Sarah Barracuda
> learned my lesson a few years ago when I had my Visa in Itunes, someone was able to steal it and made about 200 bucks worth of purchases for apps and cheesy movies

That's impossible, we've all been told time and again there has never been a security breach of any Apple product "in the wild"...;)

At least you won't lose money this time! And don't trust the App ratings either, since they're gamed as well, apparently...

11 posted on 07/04/2010 7:16:44 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 8 | View Replies]

To: PugetSoundSoldier

Sounds like Apple needs a PCI audit. On average every account they’ve lost will cost slightly more than $200 to repair. That’s restitution, penalties to the card issuers, possible legal trouble from the card owners, and cost of replacing the cards.

Could be higher of course. If they’ve lost enough accounts they’ll be forced into some very expensive corrective actions.


12 posted on 07/04/2010 7:17:15 PM PDT by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 6 | View Replies]

To: PugetSoundSoldier

My mother had someone clean out her bank account through Itunes a while back. Apple didn’t seem to care one way or the other but the bank cared a lot and gave her the money back and went after Itunes themselves.


13 posted on 07/04/2010 7:17:29 PM PDT by cripplecreek (Remember the River Raisin! (look it up))
[ Post Reply | Private Reply | To 1 | View Replies]

To: cripplecreek
> My mother had someone clean out her bank account through Itunes a while back. Apple didn’t seem to care one way or the other but the bank cared a lot and gave her the money back and went after Itunes themselves.

Those are the actions of a company that cares more about the bottom line than the satisfaction of their customers, not a company that's supposed to "Think Different"! ;)

14 posted on 07/04/2010 7:20:17 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 13 | View Replies]

To: driftdiver

Not a new problem. The person who hacked into my apple account was some guy in China..I called Visa right away and canceled the card. This crap isn’t new..happens all the time. I don’t buy anything from Itunes anymore


15 posted on 07/04/2010 7:21:09 PM PDT by Sarah Barracuda
[ Post Reply | Private Reply | To 9 | View Replies]

To: driftdiver

My mother bought a news report about trucking to write an article with some of the info. Several months later she started getting hit with major purchases of music downloads she never bought.

She got it straightened out but it was with no help from apple or itunes.


16 posted on 07/04/2010 7:24:05 PM PDT by cripplecreek (Remember the River Raisin! (look it up))
[ Post Reply | Private Reply | To 9 | View Replies]

To: driftdiver

Yep. But from post 13, it sounds like Apple will say “screw you” and ignore it, let the credit card company come after them. Just like a cold, calculating “bottom line oriented corporation”, not a caring entity.

Funny, I claimed that a week ago in another thread and was pilloried for it. Now we see that, in fact, Apple cares more about the bottom line than a given user’s satisfaction or experience. They’ll only care about an issue if it becomes large enough to affect enough users in a significant enough manner to threaten their profitability.

Apple: Think Different (about us; while we’re the same dollar-driven bastards as the rest of the industry we rail against, we still want you to ignore that and consider us blameless in all things)


17 posted on 07/04/2010 7:24:38 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 12 | View Replies]

To: PugetSoundSoldier

It wasn’t hacked, you are just holding iTunes wrong.


18 posted on 07/04/2010 7:25:47 PM PDT by mnehring
[ Post Reply | Private Reply | To 1 | View Replies]

To: mnehring

Is there a $30 rubber band I can buy that will secure my iTunes account?


19 posted on 07/04/2010 7:28:35 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 18 | View Replies]

To: PugetSoundSoldier

All companies that accept credit cards have agreements with the card companies. Penalties for stuff like this start at $500,000 dollars. Technically Apple is required to report incidents like this but they probably do it on an individual account basis thereby avoiding the repercussions.


20 posted on 07/04/2010 7:33:58 PM PDT by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 17 | View Replies]

To: mnehring

“It wasn’t hacked, you are just holding iTunes wrong.”

LOL you owe me a new keyboard.


21 posted on 07/04/2010 7:35:09 PM PDT by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 18 | View Replies]

To: PugetSoundSoldier

While the credit union shouldn’t have allowed it to happen, they at least made it right and helped her set it up so no purchases from iTunes could be made without the bank calling her first.

Also a good statement on credit unions.


22 posted on 07/04/2010 7:35:56 PM PDT by cripplecreek (Remember the River Raisin! (look it up))
[ Post Reply | Private Reply | To 14 | View Replies]

To: PugetSoundSoldier

The only way you should ever buy anything online:

Get a credit card that allows you to create virtual cards with dollar and time limits.


23 posted on 07/04/2010 7:35:58 PM PDT by HearMe
[ Post Reply | Private Reply | To 1 | View Replies]

To: HearMe

No need for that, just don’t use a debit card. Review all charges to credit cards every month.


24 posted on 07/04/2010 7:37:59 PM PDT by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 23 | View Replies]

To: driftdiver

How is that easier or safer?


25 posted on 07/04/2010 7:39:51 PM PDT by HearMe
[ Post Reply | Private Reply | To 24 | View Replies]

To: driftdiver; mnehring

OUCH.

Well, like mnehring said, it’s obviously the user who’s using iTunes wrong, it’s not Apple’s fault!

I wonder if tomorrow we’ll see a bunch of open Apple headcount recs for IT security experts...;)


26 posted on 07/04/2010 7:41:09 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 20 | View Replies]

To: HearMe

It’s easier because you don’t have the hassle of the temp accounts. It’s just as safe because either way your exposure is limited to $50 and even that is usually waived.

Either way you are responsible for reviewing your charges and disputing fake ones.


27 posted on 07/04/2010 7:43:15 PM PDT by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 25 | View Replies]

To: PugetSoundSoldier

I had someone buy something on my itunes account about a month ago. Some weird rap song that I would never have purchased. They did it through Paypal. I disputed the charge and it was put back into my account. I didn’t really think anything of it at the time as it was for only $1.29 but it ticked me off enough to dispute the charge.


28 posted on 07/04/2010 7:43:21 PM PDT by abner (I have no tagline, therefore no identity.)
[ Post Reply | Private Reply | To 14 | View Replies]

To: PugetSoundSoldier

“I wonder if tomorrow we’ll see a bunch of open Apple headcount recs for IT security experts...;)”

I’ll send them an unsolicited proposal for a PCI audit. Might just cause a few problems when I bring my windows test machine in to scan their environment. :)


29 posted on 07/04/2010 7:45:22 PM PDT by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 26 | View Replies]

To: abner

Could have been a mistake, could have been a test transaction. Sometimes they’ll try small transactions first to see if the account is valid.


30 posted on 07/04/2010 7:46:45 PM PDT by driftdiver (I could eat it raw, but why do that when I have a fire.)
[ Post Reply | Private Reply | To 28 | View Replies]

To: driftdiver

Maybe you don’t understand what a virtual card is and does.

When I want to purchase something online, from a value of $1.00 to thousands, I log in to my credit card account, in one minute I create a one time use number filled with a monetary value and expiration date I desire. I use it.

I don’t care if it’s hacked, traded, whatever, I don’t have to ever care, it’s useless to anyone after that one purchase.


31 posted on 07/04/2010 7:49:00 PM PDT by HearMe
[ Post Reply | Private Reply | To 27 | View Replies]

To: PugetSoundSoldier

How long before Apple blames Microsoft...


32 posted on 07/04/2010 8:46:42 PM PDT by Mannaggia l'America
[ Post Reply | Private Reply | To 1 | View Replies]

To: PugetSoundSoldier; ~Kim4VRWC's~; 1234; 50mm; Abundy; Action-America; acoulterfan; AFreeBird; ...
POTENTIAL PHISHING ATTACK OR FRAUD WARNING PING!

App Store and iTunes Store users' accounts are being charged for fraudulent purchases. Regardless of how this is being done, watch your email for purchase receipts from Apple for items you didn't buy and check your recent purchase history at Apple. If you find suspicious activity, notify both Apple and your credit card company and/or your bank immediately!

Thanks to PugetSoundSoldier for the post and heads up Ping!


Fraud Warning Ping!

If you want on or off the Mac Ping List, Freepmail me.

33 posted on 07/04/2010 8:54:22 PM PDT by Swordmaker (Remember, the proper pronunciation of IE is AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: driftdiver

Tweedle Dee and Tweedle Dumb. Guess which one you are.


34 posted on 07/04/2010 8:57:08 PM PDT by BunnySlippers (I LOVE BULL MARKETS . . .)
[ Post Reply | Private Reply | To 5 | View Replies]

To: driftdiver

Tweedle Dee and Tweedle Dumb. Guess which one you are.


35 posted on 07/04/2010 8:57:14 PM PDT by BunnySlippers (I LOVE BULL MARKETS . . .)
[ Post Reply | Private Reply | To 5 | View Replies]

To: PugetSoundSoldier

Wow, I wonder how they hacked the accounts. What’s worse is that there’s an incentive to hack to raise one’s apps to the top of the list.


36 posted on 07/04/2010 8:57:39 PM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker; PugetSoundSoldier
Where is the flaw?

The Mac OS? The iTunes app? The Apple applications online store? PayPal? The credit card accounts?

Bit-sniffing over public wireless connections?

Gotta know specifics on where the hole is before attempting to patch it.

Cheers!

37 posted on 07/04/2010 8:59:43 PM PDT by grey_whiskers (The opinions are solely those of the author and are subject to change without notice.)
[ Post Reply | Private Reply | To 33 | View Replies]

To: PugetSoundSoldier; driftdiver; Swordmaker
> Sorry, that’s GD EVIL, LYING, FUD SPREADING SINNER AGAINST APPLE to you...;) At least I pinged Swordmaker so he can come here and tell me that I’m a liar, it’s all FUD and there is no problem

You know, Puget, your protests that you aren't anti-Apple would ring a lot truer if you weren't quite so giggly and gleeful in your posts about problems relating to Apple. But you have the right to do so, and I'm not telling you to stop. Just sayin', you give yourself away.

OTOH, it's not fair to prejudge what Swordmaker's reaction will be. He's brought a fair number of Apple's failures to FR threads.

Your taunt is just trying to start a fight. At the moment, you are trolling. And I think even in your glee you will have to admit that.

So please cut it out. It's unworthy. Thank you.

In fact I see that Swordmaker has posted a comment that is supportive of the thread concern, and he thanks you for the thread post. You might want to offer him a (small) apology for judging wrongly.

By the way, is this problem corroborated anywhere else, or is it just one blog post? I'm just starting to read about it, so I don't have perspective yet.

38 posted on 07/04/2010 9:01:00 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 6 | View Replies]

To: dayglored; Swordmaker

I appreciate your comments; however, history is that - even if proven correct - I will still be condemned by most as an Apple hater. Even when I prove my case, they will refuse to recant their charges of liar and FUD spreader. And thus I claim those labels as trophies of their refusal to be honest.

I must admit, I am surprised Swordmaker didn’t burst in with a “FUD” charge first, as has happened every other time, even when my posts are completely accurate and truthful. Perhaps he’s learning that just because I post something that he thinks is negative towards Apple, it does not make it false.

As a few other FReepers have posted above, iTunes accounts have been hacked before, and apparently are being hacked again.


39 posted on 07/04/2010 9:07:26 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 38 | View Replies]

To: PugetSoundSoldier; driftdiver; Swordmaker
> By the way, is this problem corroborated anywhere else, or is it just one blog post?

So far I've seen articles on CNet and Engadget, and they all reference the TNW blog.

I don't see any corroboration, just parroting.

Not that that weakens the report -- but corroboration will make it stronger.

40 posted on 07/04/2010 9:07:28 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 38 | View Replies]

To: PugetSoundSoldier

This story was reported many hours ago on Apple sites. You’re late to the party.

What are you? An Apple hater or a non-Apple product lover?


41 posted on 07/04/2010 9:11:17 PM PDT by BunnySlippers (I LOVE BULL MARKETS . . .)
[ Post Reply | Private Reply | To 39 | View Replies]

To: PugetSoundSoldier; driftdiver; Swordmaker
It's beginning to get what looks like corroboration.

PC Magazine article

I'm willing to bet this is real, and that Apple will admit to it eventually, but not immediately.

42 posted on 07/04/2010 9:12:55 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 40 | View Replies]

To: PugetSoundSoldier

>>> Even when I prove my case, they will refuse to recant their charges of liar and FUD spreader.

Broken clocks are occasionally right and blind squirrels stumble upon nuts.


43 posted on 07/04/2010 9:13:51 PM PDT by Keith in Iowa
[ Post Reply | Private Reply | To 39 | View Replies]

To: PugetSoundSoldier
> I appreciate your comments; however, history is that - even if proven correct - I will still be condemned by most as an Apple hater. Even when I prove my case, they will refuse to recant their charges of liar and FUD spreader. And thus I claim those labels as trophies of their refusal to be honest.

Fanboys, of all stripes, tend to be blind to the failings of their chosen gods. They're not just bowing to Apple -- Microsoft doesn't attract them like before Vista, but I'm sure you remember the guys for whom Microsoft could do no wrong, and for whom everybody else was full of sh*t. Apple fanboys make me crazy, but no crazier than Windows fanboys did in their day.

> I must admit, I am surprised Swordmaker didn’t burst in with a “FUD” charge first, as has happened every other time, even when my posts are completely accurate and truthful. Perhaps he’s learning that just because I post something that he thinks is negative towards Apple, it does not make it false.

Spoken like a gentleman. :) (Obscure Monty Python ref.)

> As a few other FReepers have posted above, iTunes accounts have been hacked before, and apparently are being hacked again.

Yep, I think it's pretty clear somebody figured out a way to game the system and clean money from other people's accounts.

This has the aspect of yet another black eye for Apple, and it's totally their own, not AT&T's or anybody else's baby.

It also seems, the more I read on it, that this has been around for quite some time as a problem (not new today, anyway).

44 posted on 07/04/2010 9:23:42 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 39 | View Replies]

To: dayglored

See posts 8 and 13, above, at least for the iTunes breaches. I’m sure we’ll see the TNW article backed up, there’s already quite a bit of talk on other tech sites like slashdot.


45 posted on 07/04/2010 9:26:14 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 40 | View Replies]

To: dayglored; driftdiver; Swordmaker

See posts 41 and 43; perhaps now you understand why I wear their insults as a badge of honor... Even when 100% correct I must be wrong, or at least 2nd place.


46 posted on 07/04/2010 9:29:34 PM PDT by PugetSoundSoldier (Indignation over the Sting of Truth is the defense of the indefensible)
[ Post Reply | Private Reply | To 42 | View Replies]

To: PugetSoundSoldier; Swordmaker
> That's impossible, we've all been told time and again there has never been a security breach of any Apple product "in the wild"...;)

Who ever said that?

The only thing I know of that sounds like that is the claim that there are no self-replicating viruses "in the wild" for OS-X. That is, all known malware for OS-X requires operator cooperation ("Please download and execute this code"), or physical access to the machine (in which case all bets are off for -any- product).

I personally do not know of any self-replicating viruses for OS-X, so you may have seen me make that claim for OS-X's security.

But to say that anybody claims "that there has never been a security breach of any Apple product" is really out there. They must not know about Mac OS 9 and prior. If you can come up with an FR post where somebody wrote that statement, I'll join you in your derision of them.

That's a promise, Puget.

I'll ping Swordmaker to this comment, since being the Apple thread master, he may know of someone who made such a claim.

47 posted on 07/04/2010 9:34:24 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 11 | View Replies]

To: dayglored

“I’m willing to bet this is real, and that Apple will admit to it eventually, but not immediately.”

I’m sure they were stunned to find that your account never had as much in it as they had been reporting to you, but in a few weeks they will update your account with the new lower value.


48 posted on 07/04/2010 9:35:47 PM PDT by RS ("I took the drugs because I liked them and I found excuses to take them, so I'm not weaseling.")
[ Post Reply | Private Reply | To 42 | View Replies]

To: PugetSoundSoldier
> See posts 8 and 13, above, at least for the iTunes breaches. I’m sure we’ll see the TNW article backed up, there’s already quite a bit of talk on other tech sites like slashdot.

Yep.

Looks like the Slashdot post is also based on TNW's blog post.

If this is the result of a hack of iTunes itself (somebody busted iTunes security), then it's very bad for Apple. OTOH, if somebody got a bunch of iTunes account credentials some other way than through iTunes (say, through a separate phishing campaign), it's still not good but the headline "iTunes hacked" is no longer quite accurate.

I'll be interested to see which way it ends up.

49 posted on 07/04/2010 9:43:02 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 45 | View Replies]

To: RS
> I’m sure they were stunned to find that your account never had as much in it as they had been reporting to you, but in a few weeks they will update your account with the new lower value.

HAHA!! LOL. Good one.

50 posted on 07/04/2010 9:44:15 PM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 48 | View Replies]



Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.


FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson