Slashdot Mirror

← Back to Stories (view on slashdot.org)

iTunes Gift Card Key System Cracked, Exploited

Posted by kdawson on from the poisoning-the-currency dept.

moonbender writes "Fake but working iTunes gift cards are being sold on Chinese auction sites for a fraction of their value: 'The owner of the Taobao shop told us frankly that the gift card codes are created using key-generators. He also said that he paid money to use the hackers' service. Half a year ago, when they started the business, the price was around 320 RMB [about $47] for [a] $200 card, then more people went into this business and the price went all the way down to 18 RMB [about $2.60] per card, "but we make more money as the amount of customers is growing rapidly."' The people at Chinese market researcher Outdustry have apparently confirmed this by buying a coupon and transferring it into an iTunes account. Oops."

3 of 388 comments (clear)

  1. Occam's razor by YesIAmAScript · · Score: 5, Interesting

    Possibility 1:
    Apple doesn't use a database for cards, they use a hash even though that would be stupid.
    That hash and algorithm for arranging the data before the hash was cracked even though all the verification is done on the server and thus there is no code out there to reverse-engineer.
    Someone is generating and selling cards using that hash.

    Possibility 2:
    Someone is simply buying the largest email iTMS gift certificate allowed (I checked) with fake or stolen credit card numbers.

    Possibility 1 is possible but unlikely.
    Possibility 2 is very common, very easy and very likely.

    Occam's Razor says people likely people are jumping to an unwarranted conclusion here.

    --
    http://lkml.org/lkml/2005/8/20/95
  2. Re:And You Wonder Why Amazon MP3 Only Works in the by porges · · Score: 5, Interesting

    Gilbert and Sullivan had a big problem with this; people would come to their London openings, write down as much of the words and music as they could, take the boat to America, and put on knock-off productions. For this reason, The Pirates (!) of Penzance premiered in New York, not London.

  3. Re:And You Wonder Why Amazon MP3 Only Works in the by guydmann · · Score: 5, Interesting

    I agree that would be funny. But the real comedy here is that nothing is actually being stolen here. What is really happening is that a new unit of currency is being counterfeited. But that currency is backed by value in digital media, which in and of itself is ephemeral and can be obtained by other means for free. What a bizarre situation.