My iMessage has been hacked

Nice idea, but I've never used myspace! There must be more than one hack involved.

Hmm, seems like we could be onto something then. They could be obtaining passwords another way, but it looks like this MySpace DB is at least one strong possibility. Thanks for the reply btw.

Probably. There have been more major data leaks like this. LinkedIn took a big (similar) hit and, again, all passwords were stored hashed with SHA1, which is never recommended. The increasing confidence I have is from the fact that both victims I spoke to only appeared in the MySpace DB (according to (potentially outdated) leaked source search engines). It'd be impossible for me to guess what else they're using.

The imessage hack sending casino advertisement happened to me today.

and I chatted with a tech today and his only suggestion was to update but I don't have the newest version available yet. Dude was not helpful at all. I told him about the Chinese texts and he said he's aware of this and the engineers are working to fix it. I let ATT know so they can waive my international fees!

That's too bad you got somewhat unhelpful advice there. Considering someone used your password to sign in a device in another country and send out Messages from your account, updating your own device at home would be unlikely to have any affect on that. Secure your account instead. Try two-factor authentication. Now if you're devices aren't yet updated to support two-factor, you might want to do that.

Thanks. I just found that on my own and activated it. But I'd like to know how to get my language back to Chinese and remove that losers email address from my apps!

The tech should have advised me to use the 2 facto authentication 😟

ssorry but no. Cadiva69; if you enable 2FA after you are hacked (actually sometimes you can if account changes) then you are done for, cooked, you've handed over control.

APples 2FA will not challenge an already authenticated device. So the moment that happens they can use a device that they're signed in on to change your password, add phone numbers to your 2FA, remove your email address and lock out your other devices.

HOw do I know? When I enabled 2FA I wasn't asked to challenge or auth my Mac or iPad. Not until I changed my password and signed them out.

ENabling 2FA when you're already hacked could be a suicide pill

The first step is obviously to change your password. That challenges your messages registration for all devices and locks the hackers out. That's what I meant about "secure your account" in my above answer. However, to prevent people from guessing your password in the future and going through all of this again, you can turn on 2FA. Someone else then wouldn't be able to sign into your account and add a new device to messages without access to one of your existing trusted devices.

I misunderstood. Changing your password locks you out of 2FA for 3 days though I think. That what happened to my partner; first thing she did was change password (even though no evidence account was compromised) and then we were not allowed 2FA for 72 hours. To stop hijack

same issue here, flagged up on my iPad that I'd been signed out, and to change my password which I did. Signed back into iMessage and there was about 20 messages sent to similar Chinese numbers with messages similar to ones listed in this thread.

HIghly concerning.

This happened to me. I've changed password a couple of times. The problem is that a dialogue box pops up constantly on my IPhone asking for my password. At least 10 times an hour and random. I'm signed into ICloud. I think there is malware on my phone And I believe this is how they get your password.

I did

today 26/10/2016 I've been hacked

I'm Italian - for other information I write a post on:

http://www.geekoo.it/attenzione-icloud-account-hacked-from-filippine/

This happened to me as well, but the message was longer. My Facebook had been hacked in Taiwan about a month earlier than this, and I got very stressed. I suggest you make a new Apple ID and tell all your contacts to block your old one.