iTunes store account hacked

I'm posting this just to share my story and get reactions. It's a little detailed but I thought worth sharing.

On November 23, 2010 I purchased a single song from the iTunes store for .99. I used store credit that I had from a gift card I received last year. It was the first purchase I had made since July 2010.

On November 25, 2010 I received a receipt for 2 more separate orders to my account. These were for over $50 in iPhone apps. Here's a sampling of some of the purchases:

1 eREAD isoshu, v1.5, Seller: ChengDu YueTong Internet Information Co. Ltd (17+)
2 Plants vs. Zombies, v1.3, Seller: PopCap Games, Inc. (iDP)
3 Monkey Island 2 Special Edition: LeChuck's Revenge, v1.1, Seller: Lucasfilm International Services Inc.
4 Asphalt 5, v1.2.6, Seller: Gameloft (9+)
5 Let's Golf!® 2, v1.0.1, Seller: Gameloft (4+)
6 Frames & FX for Photos, v2.5.1, Seller: Imikimi, LLC (12+)
7 Stenches: A Zombie Tale of Trenches, v1.0.1, Seller: Thunder Game Works (9+)

I do not have a credit card linked to my account, so these were made using my store credit.

I have only 1 computer authorized for my account (my personal home computer). I live alone and no one else touches my Powerbook but me. I also DO NOT own an iPhone, so I would have no interest in apps.

After I saw these bizarre purchases, I checked my account. I noticed 2 strange things: My account information had changed: My street address was correct, but city, state and zip had changed to: Towson, MD 21286-7840. I have never lived in Maryland. Also, I noticed that my password recovery answer had changed to "Murray" in response to a question about my mother's maiden name. That's decidedly NOT my mother's maiden name. Also, my birthdate had changed to an incorrect month and day.

I immediately changed my password and my recovery question/answer challenge.

I reported problems on all of these purchases and also contacted iTunes Account Support by e-mail.

Within 24 hours I received an e-mail from "Vicki" at iTunes Customer Support. She wrote:

"When reviewing over your account "name@domain.net" and the two reported orders, it shows that the content purchased within them was acquired from the computer that is currently authorized for your iTunes account. So I strongly advise that you do consult with those in your household regarding the purchases made, and the charges that resulted from those purchases."

Further:

"I have gone and reversed the charges for the two orders....You will see a store credit in three to five business days....Please note that this is a one-time exception, as the iTunes Store Terms and Conditions state that all sales are final."

I am pleased that Apple is refunding my store credit and replied so quickly.

However, it is simply impossible that these purchases were made from my computer. Again, my Powerbook is the only computer I have ever authorized to access my account, and I am the only person with access to it.

I am not sure how this happened. Any thoughts or similar experiences?

Powerbook G4, Mac OS X (10.5.8)

Posted on Nov 28, 2010 3:43 PM

1,958 replies

May 2, 2011 11:44 PM in response to stereocourier

It would be a big help if they would send out an immediate email confirmation for any and all purchases through the iTunes store, or any address changes or computer authorizations. The three day delay in sending emails allows the hackers to make several charges until the gift card has been used up. We could at least have a fighting chance to change passwords and avoid the dispute process which is a pain in the rear.

May 20, 2011 1:43 PM in response to bluemc

Me, ignorant? Speaking from experience? Again, FAIL.

Try again, better yet spare us all and DON'T. Otherwise stick with 'relevant' information; keeping in mind hackers seem to be freely making modified account access, information, sometimes account names, sometimes removed CC info after abusing it. They have worked the system and know how to maximize damage, deflect 'solutions' and cover tracks for the most part.

Lots of the hacker-altered situations mentioned above, victims are virtually powerless until Apple takes action to deauthorize, eradicate or reset the account no matter what the victim tries.


He didn't SAY EXPLICITLY he had more than one machine authorized, did he? Read his post again.

If he has only ONE machine shown as authorized, there is only ONE reason the following MIGHT not work:


To deauthorize a computer

  1. Open iTunes.
  2. Choose Store > Deauthorize Computer (In earlier versions of iTunes, access this option from the Advanced menu).
  3. Select "Deauthorize Computer for Apple Account" and enter your Apple ID and password.


http://support.apple.com/kb/HT1420


...Yes, the normal single machine deauthorization step for a single authorization.


If he can't access the single authorization to deactivate? Hacker altered something to prevent that. WAITING FOR APPLE TO ACT is the fastest and most efficient way than driving around a city dragging four other friends' machines into someone else's problem. That does NOT save time unless those other 4 units are side by side in an office. Especially if the hacker altered his account to the state he cannot even deauthorize one... there would be no way for him to 'fake authorize' four of his friends' units then, would he?


If more than one account and even that doesn't work? Why not? What if other authorized machines 2 to 5 are in some unknown country, NOOB? Unless lusid manages to hunt down the squatter and deauthorize those machines on location, lusid is hooped, and they will remain AUTHORIZED in SPITE of your pretend 'solution'. Victim-deauthorizations have been failing because of this tactic already; Apple-originated deauthorizations seem to not fail.

Relying on a backdoor "can only use once a year" approach is flimsy at best.

Again, this is all dependent on whether Apple's faulty accounting allowed a hacker to alter any personal access, security, and location information or not... whereupon it totally falls back into Apple's lap to deauthorize, shut down or 'reboot' the account. As it seems the majority of accounts are getting this kind of hacker treatment, unfortunately the quickest way DOES rely solely on Apple: the company that steadfastly still maintains it was my fault, even after resolution. Ugh.


Authorize using the correct account name

The items you are trying to play might have been purchased using a different iTunes Store account.

http://support.apple.com/kb/TS1389

Hard to do for those who have had subtle changes made on them by a hacker, isn't it? Like the inclusion of a middle initial one guy didn't actually have that suddenly showed up in his profile and stymied his normal security log in? Even some support docs don't cover hacker tactics, so this won't work ALL the time.


I have no problem at all quoting actual support docs Apple has to certify and stand behind as being 'support solutions'. You should try that sometime.

"Some phone/email help guy told me" doesn't fly any farther than I can spit as far as I'm concerned. It's still Apple's problem and none of their support docs suggest we have to take such time-wasting, ridiculous efforts jumping through hoops to merely deauthorize a computer. That is YOUR support pal's suggestion only, not an authorized, routine Apple "time and effort saving trick for deauthorizing a (hacked) computer/account", and it is supposed to be used only for those with 5 machines authorized.

If you were trying to 'skin a cat' a different way, perhaps omitting your cut/paste words "trick", "simple", 'save time' and putting a personal CAVEAT would be something to keep in mind next time. India Apple Support proved themselves wrong more than enough times for my liking, and with this post so have you.

The fact STILL remains there undeniably is a hacking problem at Apple (who is totally denying it), where the response is not much more than reading off an ineffective script in response; they may or may not be 'winning the hacker war' that they are stubbornly refusing to admit even exists (how Area 51 of them); and the onus/blame seems to almost always be foisted onto the victims/clients.

This is absolutely poor business practice. Apple used to have a track record of great response and success overcoming all manner of problems from overheating batteries to failed iMac screens, but this problem seems to grow the more they deny it exists.

I also expect MUCH MUCH more from them in solutions and guidance, NOT unfounded accusations of failure on my part. And by all means it shouldn't matter if I have been running Macs since 1989 or if someone else bought their first last week, all clients should have been given more respect than what has been shown in the thousands of reported cases mentioned this year.

Livid does not begin to describe my frustration with witch doctor procedures or Apple failure.

Oct 16, 2011 10:54 AM in response to stereocourier

I had loaded a 20 buck gift card onto iTunes and bought one song like 3 years ago and have used it since, and on Oct 7 I got an email thanking me for my purchase. So I open it and it's a Chinese app I can't even read. Then it says it's not from my usual computer, and 2 other in-app purchases, so I have 2.08 bucks left. This is the app: http://itunes.apple.com/ca/app/id436299494?mt= with 2 more in-app purchases. I'm a bit angry and I don't know what to do about it. Well, I won't be buying any more iTunes cards because of this.

手机三国 (Mobile Three Kingdoms)

By 上海颠视数码科技有限公司

Description

An epic mobile game a year and a half in the making, it won rave reviews as soon as it launched and was named a "true mobile online game" by authoritative media! The game is set in the Three Kingdoms era; players take the role of a hero of troubled times who has traveled back to that era and joins the struggle for supremacy among the four camps of Wei, Shu, Wu and the Heroes. Players grow their power by completing quests, constructing buildings, expanding their army, recruiting generals and allying with other players, then stand out in fierce battles against other players so that their own camp dominates the game.

★ Official Weibo: weibo.com/shoujisanguo
★ Official forum: bbs.sanguomobile.com
★ Customer service e-mail: service@sanguomobile.com
★ Customer service MSN: sanguomobile@msn.cn
★ Customer service QQ: 138160429, 138170429

★ A million players battling online at the same time, an immersive real-time battle system, hundreds of battles ready to break out.
★ Four distinctive camps to choose from, each with its own exclusive generals for players to pick.
★ Hundreds of kinds of infantry, cavalry, warships and siege engines, plus more than 500 generals and divine generals to collect and use.
★ Nearly a hundred types of buildings help players build a vast economic empire to sustain a growing army.
★ Ally with other players to strengthen your military, win more battles, make your camp stronger and dominate 手机三国.
★ A distinctive bounty quest, "Enemies see red when they meet": players can put a bounty on other players to vent their hatred.

..... More cool experiences are waiting for you to discover! Why not hurry onto the battlefield of 手机三国?

Free
  • Category: Games
  • Updated: Jul 14, 2011
  • Version: 1.0.2
  • Size: 7.9 MB
  • Languages: English, Chinese
  • Seller: Something Big Technology Co., Ltd.
  • © Something Big Technology Co., Ltd.

Nov 12, 2011 1:02 PM in response to stereocourier

My iTunes account associated with my iPhone was hacked, and while resolving the issue I discovered how common this issue has become. Be careful iTunes users!


This is how it occurs, if you, like me, have chosen an easy to remember and type password for this account because the iPhone is difficult to type on -- please change it now! The hacker(s) are hacking various websites to gain lists of email addresses and password combinations. They are doing this because they know many people are creatures of habit and will use the same password for many sites, and since retyping passwords on devices such as phones is annoying, there is a better chance of this occurring.


Apple iTunes accounts also are generally associated with your email address, so if they can recover a password and email address from an easier site to hack (most sites ask for your email) then they likely will also now have your iTunes account login information.


What will they do now that they have access to your account?

  1. They will change most of your personal information, so you cannot login and regain control of your account. If you have access still, be aware that they may have changed your secret question or other account information, so they can regain access to the account later.
  2. They will drain your store credit and make charges to your associated credit card. These will either be for gift certificates or goods which they can resell on eBay, Craigslist, etc.
  3. If your account doesn’t currently have an associated card (luckily my case) they will associate another person’s stolen credit card information with your account. This way they can fraudulently drain another person’s bank account under your name, thus adding a layer of protection and creating a delay in any response to their fraudulent charges.

This whole method has until very recently (within the last month) been aided by the fact Apple support for iTunes accounts was only available through a website form or email. Even today it is very difficult finding information on how to recover an iTunes account hacked in such a manner.


There are 56 pages of instances of this type of hacking on discussions.apple.com:

https://discussions.apple.com/thread/2665383?start=825&tstart=0


Even there you will not find accurate information, or from most Apple Support numbers. I had to speak with a supervisor, after being told it could only be handled via email.


This is the number to call: 877-416-4271 (if they refer you to the web, ask for a supervisor)


Note, this is a common strategy for hacking various accounts, so do not use the same easy to remember/type password you use for joining forums or low priority sites with any of your important primary accounts, such as email or accounts associated with credit cards.


Share this, as apparently it is very common, and even though it can be resolved, no one should have to spend time on the phone dealing with it.
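
The sequence described in this post (recovery and profile details changed, then store credit drained from a device the owner never authorized), written as a detection rule over account events. This is an added example, not part of the original post and not Apple's logic; the event format, field names, device labels and sample data are constructed assumptions.

```python
"""Flag accounts where sensitive profile fields were changed from an
unauthorized device and purchases from such a device followed soon after."""
from collections import defaultdict
from datetime import datetime, timedelta

# Fields whose change lets an intruder keep or regain control (assumed names).
SENSITIVE_FIELDS = {"security_answer", "birthdate", "billing_address", "payment_card"}

# Constructed sample events: (timestamp, account, device, kind, detail).
# detail is the changed field for profile_change, the amount for purchase.
SAMPLE_EVENTS = [
    ("2011-11-01T09:00:00", "owner@example.net", "laptop-1", "purchase", 0.99),
    ("2011-11-03T02:10:00", "owner@example.net", "unknown-7", "profile_change", "security_answer"),
    ("2011-11-03T02:11:00", "owner@example.net", "unknown-7", "profile_change", "billing_address"),
    ("2011-11-03T02:15:00", "owner@example.net", "unknown-7", "purchase", 24.99),
    ("2011-11-03T02:19:00", "owner@example.net", "unknown-7", "purchase", 29.99),
    ("2011-11-04T18:00:00", "other@example.net", "desktop-2", "profile_change", "billing_address"),
    ("2011-11-04T18:05:00", "other@example.net", "desktop-2", "purchase", 1.29),
]

# Devices each owner has authorized (constructed).
AUTHORIZED = {
    "owner@example.net": {"laptop-1"},
    "other@example.net": {"desktop-2"},
}


def detect_takeover(events, authorized, window=timedelta(hours=72)):
    """Return {account: finding} for accounts showing the full sequence.

    A finding records when the first suspicious purchase happened (the
    moment an alert to the owner could have fired), which fields were
    changed, which unknown devices were involved and how much was spent.
    """
    pending = defaultdict(lambda: {"fields": set(), "last": None})
    findings = {}
    # ISO 8601 timestamps sort chronologically as strings.
    for ts, account, device, kind, detail in sorted(events, key=lambda e: e[0]):
        if device in authorized.get(account, set()):
            continue  # activity from an owner-authorized device is not scored
        when = datetime.fromisoformat(ts)
        state = pending[account]
        if kind == "profile_change" and detail in SENSITIVE_FIELDS:
            state["fields"].add(detail)
            state["last"] = when
        elif (kind == "purchase" and state["last"] is not None
              and when - state["last"] <= window):
            hit = findings.setdefault(
                account, {"first_alert": ts, "devices": set(), "spent": 0.0})
            hit["changed"] = sorted(state["fields"])
            hit["devices"].add(device)
            hit["spent"] = round(hit["spent"] + detail, 2)
    return findings


if __name__ == "__main__":
    for account, hit in detect_takeover(SAMPLE_EVENTS, AUTHORIZED).items():
        print(account, hit)
```

The rule deliberately ignores activity from authorized devices, so it will not catch a case where the owner's own machine is compromised.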

Feb 12, 2012 11:34 AM in response to stereocourier

It appears this is a much broader problem than being reported by users. I personally called some of the phone numbers (my account address and phone number were changed to California). I talked with people, they all said similar things: "I cannot think of any way I could have granted access to anyone else to get access to my account". They are not posting on this site... so how many people are actually affected but not reporting?


I work in IT... I am now wondering about a Self-Mutating Worm (Virus)... and starting the search for a more robust tool to scan my machine. I know 100% for sure no one else has access to my machine and I did not grant access to anyone else to allow purchases. I even reviewed logfiles to see if anything suspicious occurred. Other theories I have is access on the back-end (like Sony's recent hack)... someone accessing a back-end Data Storage area with access to place purchases as me.


I am not anti-Apple or trying to rattle the cages....I am, however, interested to find the answer and will assist anyone else wanting to get to the bottom of this....feel free to reach out if you are serious about helping.


Tim Fowler

Tigger_24@yahoo.com

Feb 14, 2012 9:34 PM in response to stereocourier

I was just hacked too... My account is linked to my PayPal that's linked to my checking and they got in twice a few days ago, one for 20-something bucks and the other for 30 bucks. I e-mailed Apple. Apple Support refunded me $55 within minutes last night - said they reset my password, which is not true. I reset my iTunes password before I sent the e-mail to Apple. Then tonight I got an e-mail from PayPal showing another debit, $21.90. Amazing. Now I reset my PayPal security questions and password AND my iTunes password. Not very happy at this point. Scared crapless actually. What is this monkey business? The 3 transactions show on my PayPal account but not in my iTunes window in the iTunes Store. How is that possible? I'm going to give this 24 hours. If it happens again I guess I'm cancelling PayPal for sure. What a joke. 😢

Mar 29, 2012 5:15 AM in response to Carlo TD

A quick note about Carlo TD: Carlo has on numerous occasions tried to change the subject/focus of blame of this thread away from Apple. Read his posts with care and look for obvious bias.


For those just joining us, here is a summary of this thread:


  1. The majority of people on this thread are complaining about purchases on their account from a non-authorised computer.
  2. In most of these cases, it is Apple themselves who first notice the purchases, but do nothing to stop the non-authorised purchases from being processed.
  3. A high percentage of complaints involve the use of gift-card credit, sometimes used within days of the credit being put on. This has led people to suggest that the "hackers" have had access for a while and have been waiting for accounts to add credit before using the accounts.
  4. Some complaints have involved PayPal accounts that are linked to iTunes and have been used by the hackers. Because PayPal accounts often have bank/credit/debit cards attached, these complaints have talked of large numbers of money being stolen/spent. Although these are unproven, I would recommend that you unlink PayPal from your iTunes account, no matter how good your password is.


If you are a victim of any of the above, you MUST contact Apple/iTunes. In all cases I have read about (and in my own case) Apple refunded the money within 3 days. Be prepared that their explanation will accuse you of having a compromised computer. IANAL, but IT IS MY BELIEF that accepting their refund is in no way accepting their explanation - you are just taking back what was stolen/taken from you.


Apple UK do apparently have a phone number (others have spoken about it in this thread) but I have never found it. I contacted Apple through their, somewhat confusing, "Express Lane". Go to the link below and select [iTunes] > [iTunes Store] > [Purchases, Billing & redemption] and follow the instructions. Doing this got me my refund within a couple of days.


https://expresslane.apple.com/GetproductgroupList.do?PRKEYS=133314


Good luck, and let us know how you get on in this thread.

Jul 17, 2012 11:05 AM in response to Paula_R

Paula_R wrote:


Mr. Transmogrification, I hope you morph into a more respectful state soon...but...


Do I have any proof? Of course I do - well, let's call it inductive proof. I was at a party and an app that I never purchased showed up on my iPhone. When I got home, I received a note from Apple that my account had been accessed by an unauthorized device in China. I had installed no deviant files, no "secret way" to download free apps... and truth be told, I'm an old broad without the patience or interest to do something like that to save 3 bucks anyway. If you read through the 1700 some-odd posts on this forum, you'll find some very common features and some very un-common features.

  • we don't use the same devices
  • we don't use the same OS's (I just posted here because it was the first place I found when I googled up "Apple Hack"... I actually am a PC user).
  • we have varying degrees of technical expertise, from very little to very much.
  • some had gift cards, some just had vanilla purchases.


I don't know who you are or what you do for work... I do know myself though. And there is ZERO doubt in my mind that this was a server based attack. We just don't have enough similarities for it to be otherwise.


Peace.

Paula R, can you ensure that every post in this forum are claims of servers being hacked? No, and assuming so is wrong.


Paula, you should be more respectful of the Apple Support Community forums here. This thread is for Mac OS users with iTunes accounts that have been hacked.


If you are using a different OS, such as a PC with Microsoft Windows, you are free to post in this section:


iTunes for Windows

Nov 14, 2012 8:08 PM in response to 669

Just want to say that Apple was amazing for me. I noticed 2 charges on my online banking statement for over 40 dollars stating that they were iTunes purchases. I logged on to my iTunes account and it showed no recent purchases. I called Apple (when the recording asks why you are calling, just say fraud). I immediately talked to someone and he said someone would email me back within 24 hours. Well, less than 3 hours later I received an email letting me know that they looked into it and have refunded the charges. Amazing service from Apple!

Aug 19, 2011 2:46 PM in response to bdellasc

I have been hacked too. When I found out about it, I was away from my computer and didn't think to check til now. I have since sent them three emails.....three is better than none! 😝


I didn't realize that they stole from my gift card. I guess it could be worse, much worse, but still! I feel violated. I hope that Apple reimburses me since this isn't my fault as they will make it out to sound. Wanted to buy a few songs, but I guess that is going to have to wait. Sigh.


Dirty little (Chinese?) thieves!

User uploaded file

May 16, 2012 9:21 AM in response to Smoothvirus

Smoothvirus wrote:


Well it has happened to me as well. On Monday evening I purchased three songs off of iTunes from my PC. The next morning I get a message on my iPhone that I had downloaded an app from a computer. I was at work at the time and had not downloaded any apps. I logged into my iTunes account and changed the password as quickly as I could.


I certainly have not been phished because I am wary of such things and have not had any requests to enter my iTunes password anywhere, certainly not on any of my PCs. A virus seems to be pretty unlikely as well. In fact the only device I regularly use my iTunes password with is my iPhone.


Like others the hack in my case seems to have come out of China. The hackers purchased some Chinese game apps and then made in-app purchases with them. There was some kind of "world soccer" game and then a game with anime characters but it's all in Chinese so I cannot read it.


One interesting note, the credit card used was NOT mine. This information was changed on my iTunes account. I am guessing that the card they used was probably stolen.


I did spend a couple of hours on the phone with Apple support and they did take care of the issue. But it would appear that something is afoot because my experience mirrors the many others here. So I will add my tale as another data point.

I don't know if you know this but there is malware that can log key strokes.


http://en.wikipedia.org/wiki/Keystroke_logging


Also I don't know about you... but my iTunes does not hold the security code.

User uploaded file


Also I don't understand... you got an email saying that an app was downloaded by you, but your credit card was not used... perhaps the email was sent in error... or was a phishing email in itself?


And then you go to say that you were on the phone several hours with Apple, but that just does not make sense, you're at work, and when you got home from work you were on the phone several hours... I have emailed them and called them for technical support and they were rather quick in getting back to me. There is a big difference from maybe 30 min to several hours...


To me it just does not sound like your account was hacked... But I am glad you got it all straightened out with Apple (even though it took several hours to do so).
