Apple confirms 400 iTunes accounts hacked

By Jos
Jul 7, 2010
  1. Apple has confirmed that around 400 iTunes users had their accounts compromised over the weekend in an elaborate scheme to manipulate the App Store rankings. The company said in an emailed statement that Thaut Nguyen and his apps have been "removed from the App Store for violating the developer Program License Agreement." The Vietnamese developer allegedly used other people's accounts to purchase his own apps, at one point occupying 42 of the top 50 book apps sold.

    Read the whole story
  2. paynetrain007

    paynetrain007 TS Rookie Posts: 88

    Apple would put all the blame on the user... If it was all just phishing we would be seeing this large scale in almost every online market, but we don't.
  3. Burty117

    Burty117 TechSpot Chancellor Posts: 2,890   +645

    Actually its quite small considering there is over 150,000,000 accounts and only 400 got hacked, so actually I kind of believe apple in this respect.

    I know Apple are masters of deception but I really doubt they want or are encouraging accounts to be hacked etc especially as they don't like to be known as "hackable"

    Really for Apple, this is a big step for Apple in accepting they are sometimes wrong and can be aimed for attack just like everyone else.
  4. Vrmithrax

    Vrmithrax TechSpot Paladin Posts: 1,286   +238

    400 is a relatively small number when compared to the total number of accounts, but it's not a small number. The thing is, hackers like this guy are smart - if they are smart enough to get the info they need on accounts, they are smart enough to keep things on a small scale and try to stay under the radar. You start making massive moves on a grand scale, and you get very VERY large dogs hunting you down, and the penalties for being caught multiply exponentially.

    The problem is, this guy was smart enough to keep the number of accounts to hack small, but not smart enough to judge how his app purchases would rocket up the app store charts and raise a red flag. He either got too greedy, or massively over-estimated the sales of other competing products, which left him standing out like sore thumb.

    It's a mistake to just shrug it off and say "it was a small number" here, because odds are good that it could have been a MUCH larger number of hacked accounts if the intent and will to risk the consequences had been strong enough. But, of course, you'll never hear that from the likes of Apple, they will just fluff unicorn farts and rainbows out at the public, while keeping secret just how severe any holes in their security are. Not saying that Apple is unique in this, nobody would want to hang their laundry in public view if it's full of stains and holes.
  5. TomSEA

    TomSEA TechSpot Chancellor Posts: 2,551   +595 do have a way with words, Vrmithrax.
  6. kyosuke

    kyosuke TS Rookie Posts: 47

    ... So do the users get their money back?

    So it is the users fault for itunes getting hacked, let alone Apple didn't find it weird that 400 users were buying the same App with the same IP address?
  7. umm
    thats an oxymoron:
    Apple Security
    sounds like the old1:
    Internet Security :D
  8. SNGX1275

    SNGX1275 TS Forces Special Posts: 10,689   +395

    Apple didn't get hacked Guest, people's passwords either got guessed or obtained through social engineering.
  9. Oh yeah you can get your money back only after itunes tells you to call your bank and your bank tells you to call itunes.....then your bank will tell you that you have to have a police report of how much and all it's going on a week and just finally got the police report and now the bank will file fraud charges and get it back hopefully.......DO NOT STORE YOUR CREDIT CARD IN ITUNES and change your password like at least once a month.....I don't know if it will help but I cancelled the card they charged that I didn't even have stored on itunes so I'm thinking maybe I'll be safe?????
  10. My account was one of the "400" that was hacked, and it was done via password guessing (even though my password was significantly more complex than the password that Apple gave me when they restored my account - "apple0710")

    My credit card company canceled my account and reversed all the charges, but Apple refuses to restore my iTunes balance that I had from some gift cards that I had gotten.

    I find it amazing that their security is so weak that someone can guess the password on so many accounts all at the same time, and then when it happens they just refuse to do anything about it.

    I will never buy another Apple product.
  11. jobeard

    jobeard TS Ambassador Posts: 9,158   +599

    It's called a dictionary attack; given an account login, the cracker just starts throwing words into the password until success.

    Everyone recommends we should never use
    1. personal data
      • names
      • addresses
      • birthdays
      • age
      • or any combination thereof
    2. words in the dictionary
    but rather we need to use a combination like
    • UPPER case & lower case letters
    • two or more numbers
    • at least one special character in the set {@#$%&*_-=+}
    • and a total length of eight or more
  12. 400 Accounts? I think they need to recount. My account along with many others were attacked today and it looks like the attacks have never really stopped.
  13. SNGX1275

    SNGX1275 TS Forces Special Posts: 10,689   +395

    Perhaps you should use a decent password.
  14. captaincranky

    captaincranky TechSpot Addict Posts: 11,467   +1,760

    If your iTunes account gets hacked and your songs get stolen, who will the RIAA sue for copyright infringement, you, you and the hacker, or just the hacker? Perspiring minds want to know...:rolleyes:

    Bonus question;"If an airplane crashes on a state line, in what state do you bury the survivors".
  15. red1776

    red1776 Omnipotent Ruler of the Universe Posts: 5,219   +157

    " I'll take airline crashes for 100 Bob"

    well you would take them back to their home towns of course and.......Oh! fooler!
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...