iTunes compromised

[surfinhicdude]

Wow, can Apple get a break?

http://www.macstories.net/news/itune...ese-developer/

Many users are reporting that their iTunes accounts got hacked, and they found themselves new owners of these applications. Take a look at a screenshot from The Next Web.

Another iPhone developer, the one that first found out about this Vietnamese dev, reports:

“The developer itself doesn’t seem to be legit – both the company site and support page are missing, no reference of them could be found on Google.

It’s statistically impossible that out of 41 book apps of a developer (he also has one game in his 42 apps portfolio), all of them are in top 50 paid books US, having been published on the same days (most of them on April 16, others on April 20 and the rest on April 22).

The Conan 3 book does have other *extremely* positive reviews written in poor english; none of the other 41 books has any reviews; had the positive ones been legit, other apps should have some kind of reviews as well. But they don’t, so it might be that Conan 3 positive reviews were written by their developer(or his partners), in an attempt of diverting attention from the real issue.”

It really looks like this guy somehow managed to obtain account information from some users, release 42 apps and buy them using those accounts – thus making it to the top of the charts. We’ll keep you posted about this, but in the meantime I suggest you change your iTunes password and check on your bank / Paypal account activity.

Many people believe the store itself was compromised, not just individual accounts. Change your password and remove any stored credit card information asap.

[Mungri]

But Apple are hack proof, virus proof, fail proof, and only consist of epic win.

[BeepBeep2]

But Apple are hack proof, virus proof, fail proof, and only consist of epic win.

Love your sig.

[Manicdan]

how many accounts does a guy need to hack to have a few apps make it to the very top? i think a "ton" would still not be enough

[Kuroimaho]

They are using it wrong, or a mathematical error and the next patch will fix it, nothing to worry about.

[Mungri]

Love your sig.

I also headed on to OCUK to look at what I could build for that much money:

http://img155.imageshack.us/img155/2631/5000pc.png

But Apple are still so much better than crappy Cee Pees.

Sorry for the offtopicness, I literally gasped out loud for real when I configured the Mac beast in my sig on Apples website. Its that awesome.

[xBanzai89]

Just happened to my friend. The guy racked up 500 dollars on his CC, but stopped due to the limit. The hacker loved :banana::banana::banana::banana:os.

[Manicdan]

i can see it now, apple is going to blame it on people who use itunes for windows.

[Pontos]

i can see it now, apple is going to blame it on people who use itunes for windows.

They are installing it the wrong way.

[Nanometer]

But Apple are hack proof, virus proof, fail proof, and only consist of epic win.

lol, first time ive ever quoted anyone, but i think it's worthy.

[Cold Fussion]

If this happened to Amazon you'd all be going on about how we should use the hackers testicles for an episode of 'will it blend?', but because it's Apple you sit back and laugh, grow up please.

[zanzabar]

If this happened to Amazon you'd all be going on about how we should use the hackers testicles for an episode of 'will it blend?', but because it's Apple you sit back and laugh, grow up please.

i would be laughing as u are not going to be secure by leave payment numbers on any website or service other than subscriptions. and u should have a security pin on the credit card and that should not be stored any ware but the card.

but when its something that claims to be hacker proof and the top of security its funny, be it apple or samantec or sun

[alfaunits]

They are installing it the wrong way.

And they are smoking non-Apple approved cancermaker!

[Sn0wm@n]

and another good news for apple

[surfinhicdude]

i can see it now, apple is going to blame it on people who use itunes for windows.

Exactly what macrumors is saying.

[zeroibis]

clearly google made this up to make apple look bad...

[nn_step]

So let me see if I get this straight, they have still yet to fix the same 5 year OLD security exploit in iTunes?

[SquiZZ]

steve jobs: "Don't install it like that"

[Johnny87au]

mannnnn, Apple have to get their together.. lately all i've herd is negative drama.. seems that everything is slowly falling apart!!

[FischOderAal]

Why does everyone think Apple is to blame for this? There are retards everywhere that give away login-information easily...

Hacked accounts sounds a lot more plausible.

[krogen]

There might be a ton of exploits in iTunes but going as far as saying that they can be used for stealing passwords is just a BS.

Even if a password was stolen, it is most likely stored as a hash value. If you have a strong enough password, it won't be broken, unless a hacker has a ton of time on his hands.

[Pontos]

There might be a ton of exploits in iTunes but going as far as saying that they can be used for stealing passwords is just a BS.

Even if a password was stolen, it is most likely stored as a hash value. If you have a strong enough password, it won't be broken, unless a hacker has a ton of time on his hands.

It's not stealing passwords but rather getting access to said accounts by other means. That implies a big security hole in the system.

The hackers themselves have no passwords on their hands; at least not in an unencrypted form as you mentioned.