iphone-app-fraud

Scores of iTunes users have had their accounts hacked and used to buy software, much of which was in the form of pirate manga apps. Some users report thousands of dollars in fraudulent purchases.

Apple for its part only acknowledges banning some developers in connection with “fraudulent purchase patterns,” and then suggests cancelling any cards linked to a compromised account.

The incident began with a developer, identified only by the Vietnamese name “Thuat Nguyen,” publishing iPhone apps on the iTunes App Store, most of which were apparently book apps, including a large number of pirate manga apps.

Reportedly, users who downloaded these apps found their accounts hacked and used to buy other apps by the same developer, which soon projected these apps into dominating the charts for their respective categories.

A summary of the incident:

• A number of iTunes accounts have been hacked from across the globe, not just the US, and used to purchase apps.

• The app developer that began this entire investigation has now had their account (and apps) removed, but we’ve discovered a number of other developer accounts with very similar, if not more “innovative”, approaches to stealing users money. The Apple App store is filled with App Farms being used to steal.

• iTunes users have reported anywhere between $100-$1400 spent using their accounts.

• The trend: buy a couple of low cost apps ($1-$3) and then one app at an extortionate price ($90+).

• We’ve also seen a reports of a free app being bought and using in app purchases to effectively send money to the app developers accounts.

• Many of the apps have been purchased to specifically climb up the iTunes ranking to gain momentum in the hope that others will purchase the apps based on their high sales.

• Currently all the app purchased have been owned by Asia based developers with little information known about them. Clearly they feel being based in Asia will give them immunity to any US laws.

• This seems to have been happening over the course of the last 4 weeks, although MacRumors shows hacking on some level dating back to 2009.

Apple later issued one of its notorious Soviet style PR missives, quietly avoiding any mention of the fact it had just given hackers access to the credit cards of thousands of its customers and innocently suggesting those afflicted cancel their cards immediately:

The developer Thuat Nguyen and his apps were removed from the App Store for violating the developer Program License Agreement, including fraudulent purchase patterns.

Developers do not receive any iTunes confidential customer data when an app is downloaded.

If your credit card or iTunes password is stolen and used on iTunes we recommend that you contact your financial institution and inquire about canceling the card and issuing a chargeback for any unauthorized transactions. We also recommend that you change your iTunes account password immediately. For more information on best practices for password security visit http://www.apple.com/support/itunes.

Reassuring indeed.

Reportedly these scams continue to be widely perpetrated. Considering the effort Apple expends in removing any prurient material from iTunes, it is remarkable to see such an anaemic response to an apparent incidence of major fraud.


    Post Comment »
    73 Comments
    Sort by: Date | Score
    Comment by Anonymous
    17:50 07/07/2010 # ! Neutral (0)

    First all the gullible people thinking they are safe lost all their info to the facebook / twitter info leaks and now yet again another item that access the web the gullible people put their life info into incl credit card numbers and addresses is being used to fleece them out of it all and it was probably done by a group of people who started out being what is called GoldSellers in online games running hacks bots and cheats for players in games that run 24 hours a day 7 days a week. Now they have all your info and your life and your money. Congrats Apple for making people thing any thing with a Mac computer system is safe from being hacked. You Fail Apple and SteveJOBS.

    Comment by Anonymous
    14:42 07/07/2010 # ! Neutral (0)

    It's time to pitchfork some filthy Vietnamese in the back.

    Comment by Anonymous
    03:04 11/08/2010 # ! Neutral (0)

    shut the fuck up you fucking racist

    Avatar of Nanaya Shiki
    Comment by Nanaya Shiki
    13:47 07/07/2010 # ! Neutral (0)

    Using US cards to buy Vietnamese-translated manga, this guy is a pure dumbass. At least he could've named the titles in English.

    Comment by Anonymous
    19:36 07/07/2010 # ! Neutral (0)

    Kill they ass.

    Comment by Anonymous
    01:55 08/07/2010 # ! Neutral (0)

    Apple could develop another hybrid kernel operating system "from scratch". They have enough resources to do this. I want a robust, non-bloated Apple product. Is that a hard thing to do?

    Learn from BeOS or Amiga for crying out loud.

    Comment by Anonymous
    19:44 07/07/2010 # ! Neutral (0)

    This site is pretty sweet viewing on my ipad, oh the irony.

    Comment by Anonymous
    Comment by Anonymous
    19:36 07/07/2010 # ! Neutral (0)

    Because 400 out of 150mil accounts is 'huge' and 'major' issue with the system. Not to mention the hypocrisy that SC complains about Apple's restrictive App Store then goddamn says they should moderate it MORE.

    Next up: How MS is at fault when people 'hack' in to their Windows PC because the password is "password".

    Also lol @ every post that actually read about what the hell actually happened (as apposed to SC fanboi's usually knee-jerk whenever a company named after a fruit is mentioned) getting down-ranked. Stay classy.

    Comment by Anonymous
    20:11 07/07/2010 # ! Neutral (0)

    Malware hosted on iTunes/AppStore servers - no different than anything in the Windows world.

    Malware hosted on iTunes/AppStore servers + accessing account details held on Apple-owned/contracted servers - Bad Apple / security failure on Apple's part.

    Comment by Anonymous
    09:42 07/07/2010 # ! Neutral (0)

    this is jobs punishment for trying to get into the console wars.

    But in his defence, the mac is a pretty solid OS

    Avatar of Ikuhisashiku
    Comment by Ikuhisashiku
    10:20 07/07/2010 # ! Neutral (0)

    "the mac is a pretty solid OS"

    ... No comment.

    None at all.

    Avatar of pluki7
    Comment by pluki7
    13:28 07/07/2010 # ! Neutral (0)

    Understandable if you've never used it. People tend to fear what they don't know.

    Avatar of Sychone
    Comment by Sychone
    00:43 08/07/2010 # ! Neutral (0)

    MAC -> OS
    No comme--oh wait...

    Comment by Anonymous
    20:03 07/07/2010 # ! Neutral (0)

    wrong! MAC has more security holes than windows, because its market share is tiny and Apple never public anything. you guys are leaded to a false impression that MAC is safe. Quess what, in hack competition, MAC always get hacked first.

    But hey, maybe you are a victim already, it just you dont know about it.

    Comment by Anonymous
    09:35 07/07/2010 # ! Neutral (0)

    Keep in mind that developers DO NOT have access to credit card info and billing info when you buy an App from the App Store. Apple handles the purchase transaction and later sends the developers their cut of the purchase price.

    Which makes this scam really stupid. Apple will never pay the developers their money.

    The scammers hacked into user's iTunes accounts (most likely due to phising scams or guessing simple passwords). Then they bought the apps they developed.

    Problem is, the developers would have to go unnoticed long enough for Apple to pay them (which is at least monthly, maybe longer).

    Stupid scammers.

    While Apple is being their usual lame 'not our fault' selves ("Don't hold your phone that way, stupid user!"), this time most of the fault is with the developer scammers.

    And the stupid users who either fell for a phising scam or used a easy password. :)

    Comment by Anonymous
    11:31 07/07/2010 # ! Neutral (0)

    The problem is there's a good chance it has been going on for a while and Apple has already paid the dev.

    Comment by Anonymous
    09:57 07/07/2010 # ! Neutral (0)

    That's hilarious, since Apple individual inspects/approves EACH and EVERY developer just to prevent this sort of thing.

    That's SUPPOSED to make the peer review process obsolete, since the red-tape is checking for you...

    Guess red tape still isn't a good replacement for common sense.

    Comment by Anonymous
    02:14 08/07/2010 # ! Neutral (0)

    Well, all things considered, the opinion of MANY people is better than that of FEW people.

    Avatar of basilio
    Comment by basilio
    09:09 07/07/2010 # ! Neutral (0)

    First Steve Jobs steals their money, and now app developers steal their money once more? Being an Apple-user must suck.

    Avatar of pluki7
    Comment by pluki7
    Avatar of giascle
    Comment by giascle
    09:14 07/07/2010 # ! Neutral (0)

    Fuck Apple. And I'm a Mac user.

    Comment by Anonymous
    09:38 07/07/2010 # ! Neutral (0)

    FUCK apple and Mac. I'm a windows user

    Comment by Anonymous
    09:55 07/07/2010 # ! Neutral (0)

    and how is it different?

    Comment by Anonymous
    10:09 07/07/2010 # ! Neutral (0)

    That's like going "Screw Microsoft, I'm running Windows instead..."

    Avatar of Master Evil The Return!
    08:19 07/07/2010 # ! Neutral (0)

    *bushes head into keyboard repeatedly* WHY DID IT HAVE TO BE A MANGA PIRATE APP ??!!! I can hear the publishers through the world putting the blame on scanlations.

    Can we murder the creator of the apps ?
    He is the one that hacked the credit cards and purchased craploads of has own apps.

    Comment by Anonymous
    14:35 07/07/2010 # ! Neutral (0)

    How do you bush your head?

    Avatar of Jeedwi
    Comment by Jeedwi
    06:41 08/07/2010 # ! Neutral (0)

    Shove it into a hairy vagina. :D

    Avatar of CC
    Comment by CC
    06:46 08/07/2010 # ! Neutral (0)

    It's like bashing.. but with an afro.

    Avatar of DHYohko
    Comment by DHYohko
    08:17 07/07/2010 # ! Neutral (0)

    that's why itunes cards are the way to go....

    Comment by Anonymous
    10:21 07/07/2010 # ! Neutral (0)

    Or jailbreak and get real apps you would actually want.

    Comment by Anonymous
    12:09 07/07/2010 # ! Neutral (0)

    you mean jailbreak, add hackulo, and get cracked apps? Cuz the cydia store apps suck.

    Comment by Anonymous
    19:24 07/07/2010 # ! Neutral (0)

    but hackulo doesnt exist anymore but alternatives do likewise lol

    Comment by Anonymous
    12:31 07/07/2010 # ! Neutral (0)

    Yeah, that works to.

    Avatar of NeverSleep
    Comment by NeverSleep
    08:14 07/07/2010 # ! Neutral (0)

    Wow, stolen by a iPhone download, must sucks...

    Avatar of Azure Xuchilbara
    Comment by Azure Xuchilbara
    16:17 07/07/2010 # ! Neutral (0)

    @NeverSleep

    Wow, and I thought that's only possible in a PC or Laptop...

    I feel sorry for all the iPhone users who got scammed on this...It's better to read manga on a PC rather than on a cellphone anyway...

    Comment by Anonymous
    00:20 08/07/2010 # ! Neutral (0)

    Credit card fraud? There's an app for that!

    But seriously, this sucks...

    Comment by Anonymous
    22:12 07/07/2010 # ! Neutral (0)

    Does anyone smell another lawsuit against apple? This is getting even more interesting by the second. Somebody needs to pop some corn because I think this show will be epic

    P.S. I'm a mac user, but the show must go on :D!

    Comment by Anonymous
    10:59 07/07/2010 # ! Neutral (0)

    I would just like to point out that Apple itself wasn't hacked in this incident. This was a result of scams in various websites that collect iTunes usernames and passwords from random people who don't know better than to do otherwise. This is the reason why Apple is recommending that users change their iTunes passwords or cancel their credit cards.

    Avatar of Ikuhisashiku
    Comment by Ikuhisashiku
    13:21 07/07/2010 # ! Neutral (0)

    Guys, seriously.

    I can understand if you don't like Apple or something like that. Believe me, you are not alone in this regard.
    But, seriously.

    Why are people down-voting other people for stating the obvious? For using common sense?

    Nothing anon 10:59 said was wrong in any way. So, why?
    Was it because he actually said something good about Apple and how it isn't techincally their fault?
    (He actually has a point. It's all the stupid people out there who are at fault here.)

    Because if that's the case, then that makes us no better than those feminists and moralfags who are on their crusaide against loli and all things fetish-like.

    Censoring stuff just because you don't like it?
    I seriously thought you guys were better than that.

    Comment by Anonymous
    17:20 07/07/2010 # ! Neutral (0)

    ??? the reason it was marked down it bcuz it was a simple lie , other tech site who have all the info on this have actually said apple was hacked , not "retards gave account info which led to mass frode" , that happens to but this was and actual attack on apple , another one happened against youtube.

    Avatar of Riiku
    Comment by Riiku
    18:00 07/07/2010 # ! Neutral (0)

    The more popular a place becomes, the more it becomes crowded with stupid and immature people. It's a common sense, and a nature of humans. Therefore, giving everyone equal rights to comment and vote will inevitably result in a den of immature imbeciles and view point conflicts. Especially given the thematic basis if this site

    Avatar of pluki7
    Comment by pluki7
    13:47 07/07/2010 # ! Neutral (0)

    I feel for you. I've been visiting sankaku daily for quite some time, and it's becoming more of a hate site lately...

    I think it's partly artefact's fault... he knows how most people here love to hate Apple and he keeps giving them fuel; biased news. I believe this is called hit-whoring; bad news sells, people don't give a shit if it's not well-researched or even an outright lie.

    Avatar of pluki7
    Comment by pluki7
    13:54 07/07/2010 # ! Neutral (0)

    I used to enjoy the witty comments here... but these days it's becoming a hate zone.

    Avatar of Master Evil The Return!
    14:08 07/07/2010 # ! Neutral (0)

    i got to agree with ikuhiasashiku and pluki7 SanCom have some cool members and some fucked up ones, now lots of comments are so freaking immature and most are just hate but why are the useful, common sense ones being down graded ?

    Comment by Anonymous
    14:32 07/07/2010 # ! Neutral (0)

    Fairly simple Master-evil.

    Some folks here want to turn this place into a second /b/.

    Comment by Anonymous
    20:19 07/07/2010 # ! Neutral (0)

    @Riiku
    I know quite a few public forums that are filled with mature and intelligent people. Incidentally, none of them are geared towards entertainment.

    Comment by Anonymous
    11:19 07/07/2010 # ! Neutral (0)

    You cant post this!! It portrays Apple in a good light!!

    Avatar of Chen-04
    Comment by Chen-04
    18:23 07/07/2010 # ! Neutral (0)

    Don't forget light and maybe visual novels. Let's call it the Novreader and make millions.

    Avatar of MasterYuke
    Comment by MasterYuke
    14:59 07/07/2010 # ! Neutral (0)

    let's create a sort of iPad or Kindle that is just used for downloading and reading manga; printing scanlations into actual book form would be a bitch...

    Comment by GTR
    08:19 07/07/2010 # ! Neutral (0)

    It proves that Apple's Walled Garden can be circumvented. All that screening and approval process has been beaten. This completely makes the App Store screening process useless. It's just another form of security theater that fan-boys buy into. In this digital age, as long as data can be transmitted to and from the device, every device is vulnerable regardless of company or OS. I wouldn't be surprised if hackers start changing the target from Windows to iOS. With 65 remaining flaws on the iOS 3.x, who knows how many flaws are in iOS 4. I suspect that it would be ripe for compromise. Weapon-ized packets, weapon-ized apps, flawed HTML 5 implementations, weapon-ized SMS messages, or the weapon-ized emails could easily be obvious and exploitable attack vectors. In fact, I would think the first exploit would be to shutdown the sand-boxing within the OS. Compromise that and you've got a broken product. Folks, this isn't theory, this can be done. It's a matter of when. Looks like Apple better start thinking anti-malware for iOS.

    Comment by Anonymous
    Avatar of apez
    Comment by apez
    17:25 07/07/2010 # ! Neutral (0)

    yep , if you use comodo then windows is already completly secure

    Comment by Anonymous
    09:48 07/07/2010 # ! Neutral (0)

    this is the reason as to why i am worried about what Zuckerburg is trying to.

    Avatar of Jeedwi
    Comment by Jeedwi
    10:36 07/07/2010 # ! Neutral (0)

    He's already collecting credit information with those IDIOTIC AND COMPLETELY USELESS gifts you can send people...

    Comment by Anonymous
    10:19 07/07/2010 # ! Neutral (0)

    One day, windows will be known as the least vulnerable, simply because they've been going through all the shit for decades

    Comment by Anonymous
    12:11 07/07/2010 # ! Neutral (0)

    lol you wish. It'll be the least vulnerable when nobody uses it and hackers don't see a necessity to do any thing to it.

    Comment by Anonymous
    13:32 07/07/2010 # ! Neutral (0)

    And that's not going to be soon. Windows is still dominating the market of OS, and Nokia still dominating the mobile market. Sure, Apple and Google got their shares increased, but it's still a loooong way to go till we see Microsoft down.

    inb4 MS fan, I'm a 15-years-faithful Apple customer... And I liked it more without all this press hype around Apple.

    Comment by Anonymous
    10:31 07/07/2010 # ! Neutral (0)

    I remember a app called "I'm Rich" that was just a 1000(USD) wallpaper :P




    Post Comment »

Popular

Recent News

Recent Galleries

Recent Comments