My iMessage has been hacked

I have had the same thing happen as many of the most recent posters here.

At 1:33 am PDT on October 10th, I received an email that someone had signed in to imessage using my account on an iMac 27 named "iMac14,2"

I immediately changed my password, but exactly 24 hours later, there were 37 messages sent from my phone to Chinese numbers. The very first one was only 3 number 1s sent separately (as a test?) to the following number: +63 949 577 1323. The other 36 were all to different numbers and included emoticons and url links.

While on Reddit, I found a thread in which many other people quote the same number to which the "1"s messages were sent, which seem to have been a test.

We have a phone number, is there anywhere we can report this?? It seems like it could help find whoever's using our phones/IDs.

Just a thought.

When you changed your password, did you do it on a browser or on an iDevice?

WHen I changed my password on my iPhone, it asked me if I wanted to sign out all devices or not. When we did this in the browser the same question was not asked. I wonder if the website logs out all devices or not.

Just wondering if this has anything to do with the Yahoo! breach recently? My Yahoo! password had changed since 2014, but I didn't realize I had the same user name/password combination from 2014 on my Apple account and I think that is how they breached my account. Makes me wonder what information they took while they were in my account. I talked to iTunes and nothing was purchased, but I've been up all night going through iPhotos for anything compromising (passwords) and changing all the passwords on the apps that are on my iPod Touch in case they try to use that winning combo again.

This just happened to my phone.. same text message.. I just changed my password and checked my devices on apple id accout page and nothing else was added except my phone but I'm freaking out!!

This happened to me last night. 41 Imessages sent from my phone to Chinese numbers with Chinese messages. I have checked my Apple ID and there are no other devices signed in. I have changed my password. Please let me know if there are any updates to this issue.

Exactly the same thing happened to me 2 days ago. Same "iMac14,2" and everything. I changed password, re-signed into all devices, got locked out somehow, changed again, signed in again and all has been good since.

I'm keeping an eye out for any charges or purchases but haven't seen anything yet.

Same thing happened to me last night too. I noticed while I was texting that my phone was sending messages on its own about every minute. I changed my Apple ID and password. I changed my security questions and the messages stopped. I called Apple about it and they said that's all I could do and to keep an eye out for any iTunes charges. They said to call back if purchases were made. I somehow got locked out though and had to change my password again. So I'm hoping this doesn't keep happening. Glad it wasn't just me though.

The same thing happened to me last night, i woke up to 2 emails from Apple saying my ID had been used. The first one was used to access iMessage from an iMac 27" named iMac 11,3 and the second was was used to access icloud via a web browser in windows. I immediately changed my password then went into iMessage and found 50 or so Chinese conversations.

I went to try and delete these then my ipad froz up and I had to try and get it to reboot, I found that my apple account had been locked so I had to reset my password and updated my security questions while I was at it. I have now deleted all the chinese and checked to see if all my accounts had been compromised although I doesn't appear to have been. I guess the only issue would be my details on my account DOB, name, CC etc if that section of the account was accessed. I logged onto iCloud for windows and it still looks empty and can't see any other devices listed using my account.

It is good to know I am not the only one that has encountered these weird convos.

Check your phone bills- it looks like my phone bill is 3x the normal. I can't get in to see the statement right now, but it should not be what my credit card statement says it is.

Uuseful to know if this is data or SMS usage. And if the latter; do you have "Send as SMS" turned on in message settings? If you have rogue messages on your device; were any of them green and not blue when you go into the convo?

So; this morning my sister's fiancé has had this happen to his Apple ID. Different to my fiancée where no Apple ID was used somehow, her fiancé had his Apple ID actually signed in on another device.

Comparing our partner choices; they both have MS/XB Live accounts. They both have Apple ID accounts. They've both ordered from Apple store. That's it for those emails and passwords. No phishing emails to speak of. He did not have 2FA.

For anyone still listening also; just after writing my last update; where my sister's finacé was apparently hacked; she had an access prompt on her 2 factor auth requesting for login... Interestingly; the location of this device was in the UK; not far from where she has listed as her home address... She doesn't live there anymore. She didn't leave behind her iPad or anything lol.

I think maybe this was an attempt to hack by someone who has details from her and her finacé by some shared service. They tried her afterwards; she is alphabetically after him? And maybe they're using a VPN to appear to Apple as if they are in the country of the person's account so that this doesn't flag up suspicious activity.

Also; I live nearby to where this attempt was apparently made; and I know that pretty much all ISPs here have their IP addresses geolocated to London.

So this request was from a VPN or a business line I think. But there's no IP shown on the request.

We might contact apple but level 1 support usually not helpful

I think I can add some value here. I done some investigating lately for a good friend of mine regarding this attack, and I believe it's related to a major data breach a few years ago.

Here's my write-up of it: http://breakpointweb.blogspot.co.uk/2016/10/infosec-recent-imessage-hack-chinese .html

A similar thing just happened to me. Thankfully, I don't have an iPhone and am using an android, but I use iMessage on my macbook.

Just got the emails and changed my password before any outgoing messages on iMessage were sent, but now I can't send anything on iMessage myself.

Does anyone have a solution for this, other than not using iMessage?

Nice thoughts; Sister's fiancee definitely MySpace and definitely same password.

Sister had different password; but her 2FA just stopped an attempt; so not confirmed it was a proper attack.

So can confirm on the actualy hacked account from my family that they were MySpace and same password