Another developer by the name of WiiSHii Network has employed what looks like a similar scheme to that employed by the Vietnamese outfit to get a large number of very similar apps, with limited functionality to the top of the Travel Section on the App Store.
A reader of the technology site Ars Technia contacted them to report that she had had around $168 worth of apps from this developer fraudulently put on her account.
Without further information it is hard to guess how wide spread this particular hack is. But bearing in mind that the sections that both these scams have targeted are areas of the App Store with relatively low numbers of Apps in them. Around 1500 in the travel section, for example. It seems that this again is linked to a relatively small number of compromised accounts.
Ars Technica criticise Apple for suggesting that affected customers file a fraud report with their credit card company if this happens to them. Saying that it is not a convenient solution.
They then suggest that people monitor their accounts for suspicious purchases. Which in itself it not very effective because Apple typically batch App Store receipts, and they get sent out a day or more after purchases are made.
As we suggested before: Make sure your iTunes App Store account password is unusual, and has a mix of letters, numbers and different cases in it. Change your password if you think that it may be known, or it has been the same for a long time.
Other than that do remember that with millions of customers it is quite likely that some accounts will be hacked from time to time, and that whilst this story is not trivial it does not mean that iTunes is collapsing under a massive coordinated attack!
Has your account been hacked? Have you seen any suspicious purchases? Let us know in the comments…
]]> https://touchreviews.net/itunes-app-store-hack-reported/feed/ 5What seemed to be happening was that some hacked individuals iTunes accounts, that have been readily available on the Chinese Black Market for some time, were being used to game App Store metrics and push a certain developer’s apps up to the top of the App Store rankings. Thus generating sales for them.
The apps themselves were mostly copyright infringing copies of Japanese Manga that the developer had duplicated and was selling under his own name. Apple were fairly quick to react when developers used to occupying those rankings on the App Store were bumped down by an influx of these fairly dodgy looking Vietnamese apps. Upon investigation the website for the developer was shown to not even be real.
Phil Schiller got involved over the weekend and contacted these, and other concerned developers to tell them that Apple were looking into it. The errant developer was fairly quickly removed from the App Store, along with all of his apps.
And today Apple issued this statement on the issue…
The developer Thuat Nguyen and his apps were removed from the App Store for violating the developer Program License Agreement, including fraudulent purchase patterns.
Developers do not receive any iTunes confidential customer data when an app is downloaded.
If your credit card or iTunes password is stolen and used on iTunes we recommend that you contact your financial institution and inquire about cancelling the card and issuing a chargeback for any unauthorised transactions. We also recommend that you change your iTunes account password immediately. For more information on best practices for password security visit http://www.apple.com/support/itunes.
When you consider just how many iTunes accounts there are, and how many probably have passwords with people’s pet’s names, or their favourite food – despite users always being advised to use more secure passwords – it is hardly surprising that accounts get hacked from time to time. As long as you are using a decent password for your iTunes account, and only connect via Apple’s site, or iTunes then you should be OK.
If you are concerned about your account or credit card being on file with Apple, then perhaps consider using a card with a lower limit, or taking your card off when you are not using the account. Or perhaps use PayPal as a payment option.
At the end of the day this was not a massive hack on the iTunes store, and you are no more likely to be exposed through iTunes to this kind of thing than you are when using your credit card in a real store or on any other web site like Amazon for example. As long as you use sensible passwords, and practice fairly common sense protocols when shopping online!
The point is that this is not an “Apple Issue”, it’s an internet issue, but with Apple being so high profile at the moment people love to jump on these stories and blow them out of all proportion.
Personally I think Apple reacted very quickly to this problem, and seem to have cleared the whole thing up quite satisfactorily.
Are you worried about the security of iTunes? Have you had your account hacked? Let us know in the comments…
]]> https://touchreviews.net/itunes-app-store-hack-apple-issues-statement/feed/ 2