How to recover hacked Apple Account?

AppleFanboy44 wrote:

I have exactly the same problem, same chinese hacker script kiddie that have replaced the security questions …

The bug fix in the iforget flow….

Some of the errors that can arise in these Apple Account take-over cases:

• Arguably, Apple not forcing older Apple Accounts over to two-factor authentication is the biggest issue.
• Re-using of passwords. This is approximately and seemingly near-inevitable doom. (Your list of breaches)
• Failure to review and address problems listed in the personalized Apple security recommendations.
• etc.

This results in not only account takeover, but also in spam and phishing and other attacks targeting users’ contacts and leveraging the security compromise.

One of my contacts has longstanding issues with inadequate security, which means others in that circle routinely get phishing attempts that leverage their compromised data. And spam, and payment fraud, and the rest.

Any proposed “fix” here has to work at billion-device scale too, and preferably also without risking access to or compromising a billion devices’ data.

Once an Apple Account is compromised, there’s no good path back, either.

Unfortunately that means you are out of luck. Apple is strict with their account security and the use is in full control of their Apple ID only.

Your option now is to submit proof of ownership of the phone to Apple to request they remove the Apple ID from the phone do you can start as new Apple ID. How to remove Activation Lock - Apple Support

Same issue with same security question language. +1

I have exactly the same problem, same chinese hacker script kiddie that have replaced the security questions and all other things on the account EXCEPT the email address, so I still get all the "Information has been updated" emails and I can each time do a (successful) password reset. Then the next day the hacker re-runs the script and so on. This loop has happened at least 10-15 times the last month for me.

OBVIOUSLY Apple could see that this is a hack if they just looked at the account change history. But their support can't access this info and I get why - it wouldn't be good if low/mid-level support guys (of which I'm sure there are thousands at Apples org) can get bribed to reset security questions for example on random accounts.

So I'm not arguing that support should be able to fix it, but I AM arguing that Apple as a big company could at least have the same level of hack detection capabilities as banks or other important sites have i.e. internally automatically flag suspected hack attempts - like someone logging in and within 3 minutes have changed ALL items of information in an account.

They could even make it completely automatic like they have with disabling 2FA - like insert a 2 week latency period on all major changes like replacing security questions and not just with disabling 2FA.

I found a bug in the iforgot.apple.com flow as well, my account was actually created before the security questions were added to the apple accounts, and the iforgot flow doesn't understand this - so if you click "Reset Security Questions" you go to a screen where it says you first have to answer the *original* security questions used when the account was created. But if there were none to start with, the iforget flow now incorrectly lists the NEW security questions (in Chinese) as the "original" ones so there is no chance to answer them.

The bug fix in the iforget flow for these older accounts should be to simply allow a security question reset if you own the email address used when you created the account. Then you could login and setup 2FA. It can't be worse than before, as the account never had either 2FA or security questions to start with, it only had email authentification, so letting people do this wouldn't degrade the security protocols for anybody else.

The recovery you read about is for accounts who have two factor authentication security. Since you use security questions you do not have this type of security and cannot use its account recovery process.

Instead do you have a device still signed in to the same Apple ID and can you turn on two factor authentication following Two-factor authentication for Apple ID - Apple Support ?

I thought it was just me I have found all kinds of data which requests your information in data analytics to be sired with other entities plus on certain apps they are allowing developers to have access eg. API client. I tried to go into yahoo mail app as I changed the password but rather than it using a regular browser it switched over to api.yahoo.com which I knew wasn’t right. For 2 weeks I have contacted support and asked what all this is and they fob you off. I have had everything hacked and there are only certain things I can access using the internet too

I'm right there with you. I have had so many issues with my wallet syncing with my cards that are not locked. And now I've been a part of this feedback program and it's not even syncing properly with my phone cause Apple doesn't support two Apple accounts on 1 device. Make it make sense.

Mine was an old account that I think I had created for apple.com but it is old enough that it was not my Apple ID login. Most likely I had created it prior to having an Apple device over a decade ago. Ironically I am logged in with it to make this post. I was able to change the password but the security questions seem to be in Japanese according to Apple Translate so I can't get access to my account info. The security questions didn't exist when I had created the account for the Apple website. I am going to make sure I review all of my passwords for every site I have a login to make sure they are updated to a more secure password even on old accounts (of course turn on 2FA). This particular one was probably an easy one to hack. I wasn't using the account but I would like to see what info I had in it.

what did u do? same situation rn :(

How to remove in hacker

Same here

My emails are getting deleted I am having a nightmare!

Still in it!!!

I’ll let you know when I have worked it out x

Ask Apple Support to disable your account. Thats all they can do but it won't be deleted