Skip navigation

Icloud account just got hacked

45377 Views 133 Replies Latest reply: Sep 30, 2012 1:11 PM by ethan397 RSS Branched to a new discussion.
1 2 3 ... 9 Previous Next
Kallidoan Level 1 Level 1 (0 points)
Currently Being Moderated
May 16, 2012 4:37 PM

I just received a bunch of emails from my friends saying that they got a spam email from my "me.com" account address.

 

What the heck is going on here?  Nothing else was messed with on my account, just a bunch of random spam emails in my sent box.

  • Kappy Level 10 Level 10 (221,075 points)
    Currently Being Moderated
    May 16, 2012 4:39 PM (in response to Kallidoan)

    Ignore it. Spammers got hold of your email address and are sending out emails spoofing it. Your only recourse is to change your email address which may be more trouble for you than it's worth.

  • solargaze Level 1 Level 1 (5 points)
    Currently Being Moderated
    May 16, 2012 4:51 PM (in response to Kallidoan)

    This happened to me too about 30 minutes ago. I never use my @me email for anything, and I gurantee someone didn't break into the account by guessing my password (or brute force methods) - it's a pseudoly randomly generated string of 15 numbers, letters (upper and lower case), and symbols (I worked in IT for many years and am perhaps overly zealous about password security, which makes memorization a real pain). I'm worried that Apple's iCloud servers themselves got hacked, as I see there are a few other people on the forums who are reporting that their account was used for spam in the past few hours.

     

    Just to verify, my account sent spam about "making money on your home computer" which is what another user on this forum has reported. Is that what your account was sending? If we're all sending the same spam, that doesn't bode well...

  • BoardkilL Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 16, 2012 6:05 PM (in response to solargaze)

    Exact same thing happened to me as well. It sent out a bunch of spam mails to people in my address book via the me.com mail - including my own gmail account. Funny thing is I have never used it. I have been logged in to me.com/iCloud only once I believe, and that was last summer.

     

    It seems weird, but somehow they managed to send out all those messages about making money doing this and that. When I checked the sent box on the website they were all there, sent to pretty much every contact on my iPhone.

     

    Just to be on the safe side I changed the password to something even more difficult than the previous one I had. Pretty much the same deal as solargaze; letters, symbols, numbers, upper and lower case - about 15 of them.

  • nekonoko Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 16, 2012 6:19 PM (in response to Kallidoan)

    Just to confirm, I just experienced this as well - spam e-mails sent from my iCloud account to various parties on my contact list (including some of my own alternate addresses). I've changed my account password and haven't noticed any strange purchases or other signs of tampering.

  • tsnow20 Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 16, 2012 6:46 PM (in response to Kallidoan)

    Just had the same problem. I'm an IT professional with 10 years experience, and wouldn't fall for a phishing scam even on my drunkest of days. No, my password wasn't guessed either. Trust me.

     

    114.181.130.212 (i114-181-130-212.s05.a013.ap.plala.or.jp) shows in the long headers for the outgoing mail as the sending IP address. I changed my password immediately after receiving some of the spam back to my icloud account (I had it on my contacts list).

     

    These were contacts ONLY in icloud, I might add. I have a great deal many more contacts in Outlook / Thunderbird, none of which were spammed. Even stranger, I have access to several of the accounts the spam was supposedly sent to, and none of them show these messages in either Junk / Spam folders or Inbox. I'm wondering if some upstream mail server might be quarantining some of this, but who knows.

     

    What the eff is going on here, Apple?

  • solargaze Level 1 Level 1 (5 points)
    Currently Being Moderated
    May 16, 2012 8:20 PM (in response to tsnow20)

    I called Apple to let them know what had happened with my account and explained to them that my password was not simply "guessed" as guessing a long string of pseudo randomly generated letters, numbers, and characters is not likely. The guy I talked to said they had no other reports of such an issue but would make a note of it in case other reports came in and a pattern emerged. So, I encourage anyone who this has happened to to contact Apple via phone and let them know that it's an issue. I notice since then my iCloud account has been deactivated and has needed to be reset, and that even after resetting, my @me email account is not available, so I am suspicious that Apple probably is aware of an issue and is being hush hush about it. But still, please call Apple if this has happened to you (they can be reached at 1-800-263-3394), and be sure to tell them that it isn't phishing, but that the email is definitely coming from your account and you can see it in your "Sent" folder.

     

    The scary thing is, if someone didn't guess (or brute force) the password (which, at least in my case, I'd be shocked if they did, because that would be one heck of a lucky guess), it means they got access to our accounts through some other exploit that bypassed the password. I'd like to know how this happened, and what, if any, of my other Apple information they might have accessed. If they didn't guess the password but rather somehow bypassed the passowrd, then changing a password doesn't guarantee safety of the account.

  • kroser Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 16, 2012 8:30 PM (in response to Kallidoan)

    Add me to the list of people with the same problem.  All the SPAM was sitting in my Sent folder.  I too changed my apple id's password.

  • tsnow20 Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 16, 2012 9:35 PM (in response to kroser)

    SPAM messages are sitting in my sent mailbox when I log into icloud.com, however, I don't see these messages sitting in the sent box for Outlook using IMAP. Also, I've been checking the other mailboxes some of the SPAM was sent to, and none of them have received any of the messages. These are all on different domains, so I suspect something else is going on here.

     

    Perhaps:

     

    1. Apple deferred sending more messages because the IP address using my account had already sent enough messages to exceed some quota (and will still send these messages out, eventually?)
    2. Apple caught the spam at the server, and never sent the mail out. The reason I received a copy of the spam was because I @me address as a contact, so the mail would've been a local delivery on Apple's servers.

     

    Just to clarify further, the spam showed my @mac address as the sending e-mail address. I saw subjects similar / exactly like the ones solargaze described.

  • david_on_a_bike Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 16, 2012 11:59 PM (in response to tsnow20)

    Yep I to got hacked last night.

     

    Every contact in my address book got spammed - all the emails have a similar header

     

    Subject: Re:

    Date: 16 2012 17:58:55

    X-Mailer: MobileMe Mail (1J25+8525)

    X-Originating-IP: [202.147.217.223]

    Message-id: <fca3f77d-04a0-4158-ef93-df4b1752e79a@me.com>

    Content-Type: multipart/alternative; boundary=Apple-Webmail-42--6a4db092-507b-6e83-a088-b20340ac2bb0

    MIME-Version: 1.0

     

    I do not use my icloud email for anything.

     

    Is there a way to disable sending email from the icloud account?

     

    I have changed my icloud password.

     

    Cheers David

  • øivindfromoslo Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 17, 2012 2:15 AM (in response to Kallidoan)

    same here, never used the iCloud e-mail account for anything (and I hate that apple forces it on you) but suddenly everyone in my contact list have received spam mails from that @me.com address...

     

    has apple been breached perhaps? It seems as though several of the users here have had strict passwiord policies (as have I).

     

    Or maybe there is a vulnerability in the iOS software that somehow leaks these details

     

     

     

    EDIT:

     

    Upon logging onto icloud.com I can see that my sent folder contains 45 sent emails, with several recipients, spamming everyone in my contact list with some BS job offer.

     

    The worst part is that iCloud has NO security info whatsoever, I cant find last log on time, last logon IP or nothing of the sorts..

     

    It is incredible how much apple ***** when it comes to security options for end users ... I would love to get some info regarding how this hack has been done, but they do NOT make it easy ,,,

     

    Message was edited by: øivindfromoslo

  • øivindfromoslo Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 17, 2012 2:45 AM (in response to øivindfromoslo)

    OK so I got a hold of a support rep at apple who helped me remove all my contacts from iCloud (don`t wanna use that service anymore after this experience).

     

    I reccomend everyone to have their iCloud account shut down or atleast remove their contacts from iCloud.com as it does not seem like apple can do very much about this issue.

     

    I suspect that the entire issue is caused by some weakness on apple´s end - either in the icloud.com logon part or in the iOS software (one might be able to extract iCloud logon info with a specifically crafted website or something, who knows).

     

    I havent logged into the icloud.com site for 6 months and never use the @me.com account so I´m pretty sure that this issue is something that Apple must look into and solve, I don´t believe that its poor security practices by icloud users that is to blame here....

  • Optimus Frag Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 17, 2012 3:02 AM (in response to Kallidoan)

    Yep hacked here too.

     

    Changed password and removing contacts from icloud syncing.

     

    Not just me then. I wonder how many others are waking up to texts and mails from friends asking if they'd been hacked.

  • tcmunson13 Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 17, 2012 7:00 AM (in response to Kappy)

    Kappy wrote:

     

    Ignore it. Spammers got hold of your email address and are sending out emails spoofing it. Your only recourse is to change your email address which may be more trouble for you than it's worth.

     

     

    How did they get into my contacts then?

  • clroxas Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 17, 2012 7:06 AM (in response to tcmunson13)

    My email contacts are letting me know that my computer has been hijacked and are sending this junk....

     

    Let your computer do the work and EARN money! http://brighteam.com/fastmoney.php?ocfortuneid=fougo

     

    How did they get my contact list? How can I delete my never used me.com email account? How do I stop it?

1 2 3 ... 9 Previous Next

Actions

More Like This

  • Retrieving data ...

Bookmarked By (7)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.