Slashdot Mirror
Has iTunes Been Hacked?
An anonymous reader writes "Betanews has a series of articles talking about an apparent hack in iTunes that has resulted in fraudulent charges for some users involving Sega's Kingdom Conquest game. The reports start with a personal account from reporter Ed Oswald, who was a victim of the hack itself. The next story adds reports from readers, and the most recent story adds additional reports, with Oswald saying the number of reports received are in the 'dozens.' Apple has yet to confirm the existence of a hack, although reports have appeared on Sega's own support forums, Apple discussion boards, and through other news outlets."
I specifically blocked Itunes in my firewall; it doesn't get to connect to the internet at all. No problems. Amazon is better anyway.
Quite likely actually. It seems these reports surface every few months.
Heck, last year we've had many reports of hacked accounts being used to buy in-app purchases or raise rankings of apps.
So, the options are either a very lowlevel iTunes hack that only seems to steal a few hundred accounts at a time (iTunes has over 250M accounts according to today's keynote), a very big breach of iTunes that someone only seems to be using a few hundred accounts at a time, or, a bunch of people got phished or used the same password.
In fact, I've seen a number of Apple phishing emails over the past few months - usually advertising some Photoshop sale or something. They look pretty real too, but they're phishes (I get them on my non-iTunes accounts).
The general goal is to use in-app purchases of some $99 things to get easy money, and the easiest way is to phish some emails (like the fake Apple ones - honestly, Apple only sends me emails about their products, not about Photoshop... and never about SALES of said product).
Most likely, either a reused password, or a phish. Besides the Photoshop bundle offer, I saw another fake Apple phishing email, but I can't remember for what product. I think it was for an Adobe product though.