Monday, July 5, 2010

Apple iTunes accounts hacked, used to cheat ranking system


A rogue Vietnamese developer reportedly hacked into iTunes accounts and used them to purchase his book apps, thus artificially boosting their ratings and sales in Apple's App Store. Both The Next Web and Engadget covered the story over the weekend and noted that, at one point, the high volume of sales propelled Nguyen's apps to take over 40 of the top 50 book app slots in the store. According to The Next Web, up to $1400 has been spent on some users' accounts.

Apple has not officially responded to the problems, but Nguyen's apps have now disappeared from the App Store. We're not sure whether Apple decided to shut down the operation or the seller pulled the apps himself after the story blew up. Even more worrisome is the fact that this doesn't seem to be an isolated incident -- reports are now emerging about alleged "App Farms" in iTunes being used to scam users out of their money, including one developer who hands out around 45 games for free (many of them clones that only differ by the number of "points" they offer), and then uses in-game points purchases costing upwards of $150 to make their money.

With over 100 million active iTunes accounts to date this is a serious matter. It's unclear at this point how the hackers got their hands on the iTunes account passwords, whether by employing phishing scams or through a vulnerability in Apple's system. Either way, it wouldn't be a bad idea to keep an eye on your account for any suspicious activity and make sure you are using a strong password.