Welcome to the MacNN Forums.

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

You are here: MacNN Forums > Hardware - Troubleshooting and Discussion > iPhone, iPad & iPod > App Store scam + iTunes account hacked

App Store scam + iTunes account hacked
Thread Tools
Jabba
Fresh-Faced Recruit
Join Date: Mar 2003
Location: Tucson, AZ
Status: Offline
Reply With Quote
Jul 21, 2009, 07:31 PM
 
Last night I attempted to download an app directly from my iPhone 3GS. My password was rejected three times. I then logged on to the Apple website and tried to log on there with my Apple ID - password rejected. This morning, I got an iTunes receipt listing two apps I had purchased, but four that I hadn't.

I called Apple and they were very helpful - reset my Apple ID password and removed my credit card from my iTunes account. The gentleman then told me I had another three app purchases pending as of today - none of which by me. Once I got that receipt, I took a closer look: all of the bogus apps were were from the same seller: Xe Hei. I then looked the apps up on the App store - all the same developer: Black8 Studio. And someone named chuckys bar posted a review that detailed the exact same thing - hacked account and bogus purchases of all these apps.

The apps themselves are lame: how to stop smoking, how to watch less TV and how to relax. They all cost $9.99. Search for "Black8 Studio" and you'll find them. take a close look at the screenshots- the grammar is horrible, but the majority of the description is not - because it has been copied from somewhere on the web. A couple of people have actually purchased them.

When I spoke with Apple today, they could tell that these apps were purchased from a different computer than mine, but they haven't been downloaded. The apps are just there for them to purchase for you and collect $10 bucks a pop. Why didn't they pick a higher amount?

I called Apple back and gave them the details and they said they would look into it. Once I got back into my Apple ID account, I noticed they had changed by password retrival question and birthday.

Thanks to Apple for being so helpful and recommend folks pay attention to their iTunes receipts. And probably a good time to change their passwords.

Note: Copied from my post on the Apple Support discussion forums
     
Cold Warrior
Moderator
Join Date: Jan 2001
Location: Polwaristan
Status: Offline
Reply With Quote
Jul 21, 2009, 08:07 PM
 
9.99 is a popular amount to go for because many people will miss it on the credit card statement. The problem is that these are iPhone apps. People use them and they'll remember buying a pricier application, especially when Apple sends automated receipts.
     
turtle777
Clinically Insane
Join Date: Jun 2001
Location: planning a comeback !
Status: Offline
Reply With Quote
Jul 21, 2009, 08:08 PM
 
Wow, those scammers are idiots.

It shouldn't be hard to track them down, considering all the traces they leave in electronic transactions like that.

-t
     
Big Mac
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status: Offline
Reply With Quote
Jul 21, 2009, 08:23 PM
 
Pretty disconcerting. Thanks for the warning, Jabba.

"The natural progress of things is for liberty to yield and government to gain ground." TJ
     
memyselfandimac
Junior Member
Join Date: Apr 2002
Status: Offline
Reply With Quote
Jul 21, 2009, 09:24 PM
 
Originally Posted by Big Mac View Post
Pretty disconcerting. Thanks for the warning, Jabba.
Even more disconcerting to me is the fact that anyone would even buy any of that companies apps in the 1st place. obviously some people have more money than common sense. i don't see anything that I would waste my time downloading for free let alone pay $10 for.
     
Brien
Professional Poster
Join Date: Jun 2002
Location: Southern California
Status: Offline
Reply With Quote
Jul 21, 2009, 09:42 PM
 
Well, it's brilliantly stupid as a scam, like turtle was saying.
     
abbaZaba
Mac Elite
Join Date: Jun 2006
Location: Pittsburgh
Status: Offline
Reply With Quote
Jul 21, 2009, 09:47 PM
 
I initially thought this thread was going to be another one of those "d00d someone hacked my account and now they sent viruses to my address book" but this is quite disconcerting. how did this person guess your birthday and secret question? scary
     
Big Mac
Clinically Insane
Join Date: Oct 2000
Location: Los Angeles
Status: Offline
Reply With Quote
Jul 21, 2009, 11:17 PM
 
Hard to know. Could have been an insecure public Internet access point Jabba accessed his account from. Could have been a dictionary attack. Or maybe they did have his birthday - I really dislike weak security questions that some sites require account holders to use. Maybe they found his birthday on Facebook. Or maybe it was a clickjacking. It's hard to know until we find out more about the way the iTS is being targeted.

"The natural progress of things is for liberty to yield and government to gain ground." TJ
     
Simon
Posting Junkie
Join Date: Nov 2000
Location: in front of my Mac
Status: Offline
Reply With Quote
Jul 22, 2009, 03:41 AM
 
I'd like to know how the account was compromised in the first place.

The scam isn't anything special. Quite ordinary actually. I'm assuming as long as your user/pass are fine, you won't be affected by anything similar. However, since I don't know how the OP's account was compromised I'm not 100% sure about that. I'd like to know more details.
     
Jabba  (op)
Fresh-Faced Recruit
Join Date: Mar 2003
Location: Tucson, AZ
Status: Offline
Reply With Quote
Jul 22, 2009, 07:06 AM
 
Simon - that's a good question and I would like the answer as much as you.

To be clear - my password to my iTunes account was compromised somehow. Since my iTunes account was linked to my Apple ID, access to the former also provided access to the latter. Once Apple Tech Support reset my Apple ID account password, I went back in there and that's when I noticed that my pasword retrival question and birthday had been changed. Whoever it was didn't need these to access my account - they already had my password - they just changed them once they got in to prevent me from getting back in there.

I really don't know how my info was compromised. It wasn't the strongest password and it wasn't unique to my iTunes account - two situations now fixed. The interesting part to me is how the App Store is being used to facilitate this scam. It's one thing to purchase iTunes gift cards with a cracked account - one purchase is just like another. But in this case, these apps solely exist for someone with a cracked account to go and purchase on someone's behalf. Curious to see if these apps stay in the App Store.
     
mduell
Posting Junkie
Join Date: Oct 2005
Location: Houston, TX
Status: Offline
Reply With Quote
Jul 22, 2009, 01:50 PM
 
I'm surprised they bother hacking fake accounts when it's so easy to generate iTMS gift certificates. Or maybe they intend to apply the bogus GCs to hacked accounts, just to add that extra layer of abstraction.
     
swalterd
Fresh-Faced Recruit
Join Date: Jul 2009
Status: Offline
Reply With Quote
Jul 23, 2009, 05:31 PM
 
Exact same thing happened to me over the weekend. I found out on Sunday when I tried to use my iPhone to update apps. Same merchant and everything. I submitted a report to Apple online and they reset my account password, but said they couldn't reverse the charges. They said I had to go through my credit card company. What number did you call to get the to do that? I just disputed the charges with Amex and then removed my card from my account.

I think I am going todo what one of my buddies does and just charge up the account with gift cards when he needs to buy something.
     
ChuckysBar
Fresh-Faced Recruit
Join Date: Aug 2009
Status: Offline
Reply With Quote
Aug 9, 2009, 03:24 PM
 
I was just sittin here and decided to see if anyone else had the same problem as I did. Seems I was the first one to report this issue with Apple. They were not very helpful regarding my issue regarding my account being hacked into and charges made from Black8 Studio apps. I have looked at all of Black8's apps in itunes and all of them seem very useless. I have also posted comments on all of the ones I was charged for but what is very funny is that other replies seem to be of people loving these apps. How the hell is that possible? Either these people are complete idiots or it is Black8 themselves posting multiple possitive comments. Also another thing, if you click on the web page link, it takes you nowhere. all the address is is "http\". I too have 2 pending charges on my itunes account both for 9.99 each. The rep at apple who finally helped me told me to not worry about those being charged because I have since deleted my paypal account from itunes. Another thing I noticed when my itunes account got hacked was the dumbass who hacked into my account only changed one thing...my email address on the account. The email i originally had on my itunes account was a yahoo mail account. Well this moron changed it to a gmail account. Same prefix but now a gmail account. Once the rep told me what email account was active, I decided to try the password i always used before. HOLY HELL IT WORKED! Funny how the idiot changed to a email account I never had anyway but didnt change the password. So after all was said and done, I got my bank to investigate the transactions made and I got my money back. Thing that sucks now is, is I now need to send paypal all my bank info, copy of drivers lic., and fax it to them just to get my paypal account going again. Thanks Black8 for the headache. Hope your ass gets raped.
     
GuyWithACamera
Dedicated MacNNer
Join Date: Nov 2004
Status: Offline
Reply With Quote
Aug 17, 2009, 11:04 PM
 
Similar thing happened to me at the end of last summer. Although my iTunes acct wasn't affected, my .mac/me mail account was compromised somehow. They did access my PayPal acct and withdrew over $1,000 from my bank acct for purchases from a chinese video game website.

Apple couldn't tell me how they hacked my acct. In my mobile me acct settings on the web, there was a setting to forward all mail to another email address that I've never heard of (which I did set that email address up to receive free gay porn/spam, hehe).

I caught on when I was reading my email and 2 Paypal payment notifications came in and almost immediately were deleted while I was reading them. I'm guessing the guilty party was deleting the evidence so I wouldn't notice.

In the end between my credit union and PayPal, I got my money back. I also took extra measures to make sure it didn't happen again including better passwords, PayPal only bank acct, and even the PayPal dongle thing.

So, I think that Apple's mobile me/ID security could definitely be better. Kind of related but I feel your pain.
I have no lid upon my head. But if I did, you
could look iniside and see what's on my
mind.
     
   
Thread Tools
 
Forum Links
Forum Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Top
Privacy Policy
All times are GMT -4. The time now is 09:22 AM.
All contents of these forums © 1995-2017 MacNN. All rights reserved.
Branding + Design: www.gesamtbild.com
vBulletin v.3.8.8 © 2000-2017, Jelsoft Enterprises Ltd.,