Skip navigation

iTunes store account hacked

664699 Views 1,941 Replies Latest reply: Apr 20, 2014 10:42 AM by Chris CA RSS Branched to a new discussion.
  • Carlo TD Level 3 Level 3 (550 points)
    Currently Being Moderated
    May 17, 2012 5:32 AM (in response to Smoothvirus)

    well glad you did not find anything.

  • transmogrification Calculating status...
    Currently Being Moderated
    May 17, 2012 6:25 AM (in response to Smoothvirus)

    "Windows Defender Offline did not find any nasties after I let it run overnight.

     

    I think it's interesting that we are seeing identical attacks across both the Windows and OSX platforms. That would imply that however they are getting in, it's not from infected PC's."

     

    Windows is anti-spyware. Malwarebytes is anti-malware. That may be one reason. Here is a good discussion about it:

     

    http://answers.microsoft.com/en-us/windows/forum/windows_vista-security/malwareb ytes-and-windows-defender/b683e23e-7315-4cf0-9548-90479117c03c

     

    Seriously I would have chosen anything but Windows Defender, like Malwarebytes, or AVG. both are very well rated.

    MacBook Pro, Mac OS X (10.7.1), Windows XP SP 3, Ubuntu 11.04
  • Smoothvirus Calculating status...
    Currently Being Moderated
    May 17, 2012 7:00 AM (in response to transmogrification)

    Windows Defender Offline is for sniffing out rootkits. It actually did get some false positives off of some software tools that I use, including keyfinder, which is kind of funny.

     

    I actually do use and like Malwarebytes. I could scan with that too but at this point I think it's pretty much academic.

  • transmogrification Level 1 Level 1 (5 points)
    Currently Being Moderated
    May 17, 2012 8:02 AM (in response to Smoothvirus)

    Well, academic is debatable. I would contend that academic should have been the starting point. Malwarebytes is an academic choice when looking for malware, vs. Windows Defender, an anti-spyware tool. Since we can't state with blanket certainty what is compromising iTunes accounts for everyone, it's best to check every potential threat with seriousness. This particular thread concerns Mac owners with iPhones. I am a Mac, Windows PC and iPhone owner. I investigate Mac security as a hobby. I haven't been iTunes account compromised, yet, though I have seen a good number of phishing scam attempts. ClamXav has caught these on Mac. ClamAV has caught these on Windows. Windows Defender, no.

  • transmogrification Level 1 Level 1 (5 points)
    Currently Being Moderated
    May 17, 2012 8:26 AM (in response to transmogrification)

    Another good idea for Mac Users, is to repair your permissions on a regular basis. If an installation of rogue software at the system level changes permissions to its' advantage, repairing permissions can thwart these software attempts at gaining access where it shouldn't.

  • Smoothvirus Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 17, 2012 8:34 AM (in response to transmogrification)

    You keep saying that WD detects spyware only, but I'm pretty sure that Windows Defender, and Windows Defender Offline are two different products. Last night's scan was with a Windows Defender Offline bootable CD, I did not use Windows Defender at all. WDO did get some false positives on "hacker tools" that are part of the Hiren Boot CD image I have on my hard drive. Those software packages are not spyware. In fact I'm pretty sure that WDO is using the same virus signatures that Microsoft Security Essentials uses.

  • transmogrification Level 1 Level 1 (5 points)
    Currently Being Moderated
    May 17, 2012 9:15 AM (in response to Smoothvirus)

    Read the link I provided. Here. I will repost it:

     

    http://answers.microsoft.com/en-us/windows/forum/windows_vista-security/malwareb ytes-and-windows-defender/b683e23e-7315-4cf0-9548-90479117c03c

     

     

    If you have a problem take it up with Microsoft. Don't shoot the messenger.

  • TunesFan Calculating status...
    Currently Being Moderated
    May 17, 2012 12:33 PM (in response to Smoothvirus)

    Hi there, they got the CVV code from the back of the card they added to your account. Also, iTunes doesn't send text messages to tell you about purchases. If you got a text message it wasn't from apple. Do you mean email via push to your phone?

     

    Either way, they were able to add the CVV because they had access to it, just like the full card # and expiry date and if you get a text claiming to be from apple or iTunes don't tap on any links in the text cause it's not from Apple--they don't contact you--ever--via phone or text unless you have scheduled to do so.

  • TunesFan Level 1 Level 1 (10 points)
    Currently Being Moderated
    May 17, 2012 1:13 PM (in response to ewtaylor2001)

    The software is engineered in the US and the hardware is manufactured in China; it's not possible that anything was manipulated.

  • Smoothvirus Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 17, 2012 1:23 PM (in response to transmogrification)

    Yes, I read that link earlier. But that's an article about Windows Defender, and what I used was Windows Defender Offline, which is a different product. Sorry if I sounded a little frustrated earlier. No messenger shooting intended.

     

    Anyhow I will test it out with malwarebytes and clamav later tonight and post the results.

  • Smoothvirus Level 1 Level 1 (0 points)
    Currently Being Moderated
    May 17, 2012 1:26 PM (in response to TunesFan)

    No it was a text message, there were no links embedded in it.  Actually I guess it was a push notification - it was certainly not an email. It just said something like "you have downloaded an app from your computer, if you want to use it on your device sync it later" or something to that effect.

  • transmogrification Level 1 Level 1 (5 points)
    Currently Being Moderated
    May 17, 2012 2:19 PM (in response to Smoothvirus)

    Smoothvirus wrote:

     

    Yes, I read that link earlier. But that's an article about Windows Defender, and what I used was Windows Defender Offline, which is a different product. Sorry if I sounded a little frustrated earlier. No messenger shooting intended.

     

    Anyhow I will test it out with malwarebytes and clamav later tonight and post the results.

    Please remember, this discussion is the iTunes for Mac Community and most people coming here are Mac users. iTunes for Windows is probably where you might find more relevent help for your issues. I hope that helps or you can post your issues and situation there.

  • ewtaylor2001 Level 1 Level 1 (0 points)
  • jesusponcho Calculating status...
    Currently Being Moderated
    May 18, 2012 12:31 AM (in response to Smoothvirus)

    just had this same issue happen to me within the past hour. i changed my information back but didn't change the card yet... not sure if doing so will push those purchases to my card or not. i sent an email to apple support via the express lane support page.

     

    according to my bank account, these fraudulent purchases are not showing up yet. i have 4.99 missing from when i bought an app earlier today.

     

    from what i understand, did they simply add a new card to my account to make these illegal purchases? so i don't have to worry about it being taken from my bank?

  • scarysheep Calculating status...
    Currently Being Moderated
    May 18, 2012 9:41 AM (in response to jesusponcho)

    Exactly the same thing happened to me today. Two new apps appeared on my account, card details deleted, no pending purchases on my bank account. Did they hack my account, make the purchases using a (stolen) credit card, then delete the details? And why is this so endemic?

Actions

More Like This

  • Retrieving data ...

Bookmarked By (39)

Legend

  • This solved my question - 10 points
  • This helped me - 5 points
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the Apple Support Communities Terms of Use.