Skip navigation

iTunes store account hacked

663116 Views 1,939 Replies Latest reply: Apr 13, 2014 10:39 PM by Chris CA RSS Branched to a new discussion.
  • Carlo TD Level 3 Level 3 (550 points)
    Currently Being Moderated
    May 16, 2012 9:21 AM (in response to Smoothvirus)

    Smoothvirus wrote:

     

    Well it has happened to me as well. On Monday evening I purchased three songs off of iTunes from my PC. The next morning I get a message on my iPhone that I had downloaded an app from a computer. I was at work at the time and had not downloaded any apps. I logged into my iTunes account and changed the password as quickly as I could.

     

    I certainly have not been phished because I am wary of such things and have not had any requests to enter my iTunes password anywhere, certainly not on any of my PCs. A virus seems to be pretty unlikely as well. In fact the only device I regularly use my iTunes password with is my iPhone.

     

    Like others the hack in my case seems to have come out of China. The hackers purchased some Chinese game apps and then made in-app purchases with them. There was some kind of "world soccer" game and then a game with anime characters but it's all in Chinese so I cannot read it.

     

    One interesting note, the credit card used was NOT mine. This information was changed on my iTunes account. I am guessing that the card they used was probably stolen.

     

    I did spend a couple of hours on the phone with Apple support and they did take care of the issue. But it would appear that something is afoot because my experience mirrors the many others here. So I will add my tale as another data point.

    I don't know if you know this but there is malware that can log key strokes.

     

    http://en.wikipedia.org/wiki/Keystroke_logging

     

    Also I don't know about you... but my iTunes does not hold the security code.

    Screen Shot 2012-05-16 at 11.55.52 AM.png

     

    Also I don't understand... you got an email saying that an app was downloaded by you, but your credit card was not used... perhaps the email was sent in error... or was a phishing email in itself?

     

    And then you go to say that you were on the phone several hours with Apple, but that just does not make sense, your at work, and when you got home from work you were on the phone several hours... I have emailed them and called them for technical support and they were rather quick in getting back to me. there is a big difference from maybe 30 min to several hours...

     

    To me it just does not sound like your account was hacked... But I am glad you got it all straightened out with Apple (even though it took several hours to do so).

  • Smoothvirus Calculating status...
    Currently Being Moderated
    May 16, 2012 10:05 AM (in response to Carlo TD)

    I am aware of keyloggers and pretty much every kind of malware/trojan/virus out there. Unless it's a keylogger on my iPhone that's pretty much impossible. The only time I ever entered the password on my PC was when I setup iTunes on it and that was more than a year ago.

     

    As the card they used was not mine I don't know they got around the CVV code.

     

    As for the app download notification, I recieved a text message about it on my iphone. I did not recieve an email about it until today.

     

    "A couple" = 2. Two hours. I was on the phone with Apple for about two hours.. actually it was a combination of phone and live chat. But yes they were friendly and they did resolve the issue.

     

    Trust me, my account was absolutely, positively hacked, I recieved the itunes reciept messages today, and it's all for game apps. As I cannot read Mandarin I don't know what they are. This is one of them:

     

    http://www.appannie.com/app/ios/chong-wu-lie-renhd/

     

    actually I found an English page about it, it's some kind of Pokemon ripoff

     

    http://www.appannie.com/app/ios/pmh-hd/

  • ewtaylor2001 Calculating status...
    Currently Being Moderated
    May 16, 2012 12:33 PM (in response to Smoothvirus)

    No, you are correct the servers are compromised and they refuse to admit it, I am look you very cautious I never type my password I copy and paste it so even if there is some kind of keylogger that somehow got past all my defenses they would not get my password. As I write this one thing does occur to me my iphone was manufactured in China what is not to say they have not added an extra few lines in the kernal or even an extra chip of some kind seems kind of strange that all the people being hacked are leading back to China...

  • Smoothvirus Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 16, 2012 2:00 PM (in response to ewtaylor2001)

    I can't prove that the servers are compromised so I won't make that claim. I think the evidence shows that something is going on, and it's probably not due to keylogger/trojan/virus or phishing attacks. The more people that report if it happens to them then the more we will know.

  • Carlo TD Level 3 Level 3 (550 points)
    Currently Being Moderated
    May 16, 2012 2:02 PM (in response to Smoothvirus)

    Would you please run ClamXav fully please.

  • Smoothvirus Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 16, 2012 2:04 PM (in response to Carlo TD)

    I'm not running a Mac. I have two PC's with Norton Internet Security. Virus scan shows nothing.

  • ewtaylor2001 Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 16, 2012 2:20 PM (in response to Smoothvirus)

    Ditto and I do not think clamxav is available for the iphone...

  • Carlo TD Level 3 Level 3 (550 points)
    Currently Being Moderated
    May 16, 2012 2:34 PM (in response to Smoothvirus)

    Any way you could turn norton off and try a different malware removal program? Maybe Avast?

     

    technically malware is not a virus.

     

    Message was edited by: Carlo TD

  • transmogrification Level 1 Level 1 (5 points)
    Currently Being Moderated
    May 16, 2012 4:23 PM (in response to JJinBrisbane)

    JJinBrisbane wrote:

     

    ...and again from Down Under.  You made me smile and that's a good thing.  Yes, I too have eleventy billion other accounts which have never been hacked...just my very first visit to the App Store (where I only registered - didn't buy anything).

     

    I have a little mantra which stands me in good stead...'it always good to have someone to blame'  And you know what, in this case I'm blaming Apple.  I didn't do anything different from what I might have done in using a PC for the past many, many years. 

     

    I am disappointed when people assume that there are so many of us out there who are dummies and don't know/understand anything...and they do.  It must be hard to be humble when you are perfect in every way!!!

     

    Hasn't happened as a PC user.  Why now?  Apple must have some big holes in security...that's all I can think from my lowly, former PC perch

    Because it hasn't happened before to you as a PC user, doesn't mean anything. There is always a first time. Malware and phishing scams are getting more sophisticated for all computer users. Blaming Apple, just to blame someone doesn't help the situation, mantra or not. If you are a victim of a scam, and are looking to resolve the issue with a refund, you can contact Apple.  http://www.apple.com/contact/ I hope this helps.

    iPhone 4S, iOS 5.0.1
  • transmogrification Level 1 Level 1 (5 points)
    Currently Being Moderated
    May 16, 2012 4:46 PM (in response to ewtaylor2001)

    No it is not available for iPhone or iOS. It is available for your computer. ClamXav is available for Mac OS X, including Mac OS Lion. It is very good and it is totally free, open source and cross platform. I run it on my Mac and Windows partitions it scans my junk mail folders as well as my computer login/user account. The Windows version is ClamAV. I have problems with Norton on my Windows PC being slow and bogging down the system. I find ClamAV is much better for me, because Nortron has problems as in this case on Norton's Community Support forums.

     

    Message was edited by: transmogrification to add an important link.

  • Smoothvirus Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 16, 2012 5:51 PM (in response to Carlo TD)

    I'll run a full scan with Norton and then try one of the boot CD antivirus tools, probably the Microsoft one. Will post when it's done.

  • Carlo TD Level 3 Level 3 (550 points)
    Currently Being Moderated
    May 16, 2012 5:56 PM (in response to Smoothvirus)

    It is only a hint... it might show nothing... I  use to use one program... and it never showed me anything... then I switched programs... and I was surprised at what it found occasionally.

  • MadMacs0 Level 4 Level 4 (3,320 points)
    Currently Being Moderated
    May 16, 2012 6:33 PM (in response to Carlo TD)

    Carlo TD wrote:

     

    Would you please run ClamXav fully please.

    Key Loggers for the Mac are not considered to be malware by ClamXav as so far they are either Commercial or hacks that require physical or network access to the computer to install. That's generally true of all Mac A-V applications, with the notable exception of MacScan from SecureMac, which has always specialized in what they refer to as Spyware. But they are also known for identifying false positive detections, so be sure and double-check before trashing anything.

  • Smoothvirus Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 16, 2012 8:16 PM (in response to Carlo TD)

    Norton found nothing. This was NIS 19.7.0.9 with the latest definitions. I am creating a Windows Defender Offline Disc and will scan with that next.

  • Smoothvirus Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 17, 2012 5:31 AM (in response to Smoothvirus)

    Windows Defender Offline did not find any nasties after I let it run overnight.

     

    I think it's interesting that we are seeing identical attacks across both the Windows and OSX platforms. That would imply that however they are getting in, it's not from infected PC's.

Actions

More Like This

  • Retrieving data ...

Bookmarked By (39)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.