UPDATED: Apple comments on iTunes fraud - dev banned, change your password

iTunes account hacks Vietnamese book apps

Apple has responded to that bizarre incident over the weekend involving a glut of Vietnamese, copyright-infringing book apps rocking to best-seller status on the backs of hacked iTunes accounts.

The developer Thuat Nguyen and his apps were removed from the App Store for violating the developer Program License Agreement, including fraudulent purchase patterns.

Developers do not receive any iTunes confidential customer data when an app is downloaded.

If your credit card or iTunes password is stolen and used on iTunes we recommend that you contact your financial institution and inquire about canceling the card and issuing a chargeback for any unauthorized transactions. We also recommend that you change your iTunes account password immediately. For more information on best practices for password security visit http://www.apple.com/support/itunes.

Good advice for this incident, great advice in general. Also remember to never, not ever, click a link in an email and log into an account. That's how social engineering attacks like Phishing scams work. Use a strong password (long, with numbers and symbols), keep it unique, and change it once and a while. Treat it as securely as you treat your credit card and cash -- because that's what it is.

UPDATE: According to Clayton Morris who followed up with Apple, about 400 users were impacted. iTunes's servers were not hacked. In response Apple will be increasing the frequency they require you to enter your credit card verification number going forward.

[Engadget, Clayton Morr]

Have something to say about this story? Leave a comment! Need help with something else? Ask in our forums!

Rene Ritchie

EiC of iMore, EP of Mobile Nations, Apple analyst, co-host of Debug, Iterate, Vector, Review, and MacBreak Weekly podcasts. Cook, grappler, photon wrangler. Follow him on Twitter and Google+.

More Posts



← Previously

iPhone 4 shipping, faulty home buttons, iAds, Jailbreak, iOS apps - From the Forums

Next up →

iOS 4 limitations: Multitasking saves state, doesn't check for timeline updates

Reader comments

UPDATED: Apple comments on iTunes fraud - dev banned, change your password


That's some approval process Apple's got there. Three cheers for quality control.......

@ CJ
Considering the thousands of app developers out there, and this being the first (that I've heard of) issue with an approved app dev attempting to scam customers, I'd say they've done a pretty good job keeping the bad guys out. (statistically speaking anyway)

Engadget has reported at least a few others, and, while I would still bet that these are the results of phishing rather than any crack of the iTunes infrastructure itself, the fact that Apple approves devs into the App Store without even checking to see if the dev has an actual site at the other end of their submitted URL does not speak well of the approval process. At all.

Sorry but I can't help myself. Apple is having a pretty bad month. I can't help but pile on. And seeing how I am an iPhone 4 owner, I feel it's within my right to do so whenever Apple drops the ball. And as (Copy of) Dev has already pointed out, this isn't the first time the AppStore has fudged up.

Who runs, or moderates the app page on facebook. It is loaded with spam "I got a free iPhone" just click here, and answer these questions. Some people will fall for anything. I to am surprised that apple approved so quick without checking more. It is everywhere.

It's nice how apple doesn't take responsability for it's own flaws. O ya just call your credit card if anyone steals from u using our service. We have nothing to to with it. Cancel ur credit card, issue charge back? It's funny u can't use app store without credit card. Evil evil evil. Hold ur phone a certain way and ull get better reception. O ya u may be getting 5 bars when really it is 2 bars. We have great reception. Best on the market. I'm still with iPhone 3G and yea never buying apple products again.

Whoa!!! Why all the assumptions that it was a problem with an app or apple's approval process. The dev put out a bunch of worthless apps, and then used iTunes accounts that were phished using conventional methods to buy their own apps. The apps themselves didn't do the hacking.

One hopes apple is refunding all iTunes credit used during this incident. If not, they should be prosecuted. No half steps, just straight to court.

Funny how people comment and trash apples approval process and demand payment from apple when they clearly have no understanding of what the story is.

Glad to know I wasn't the only one. Still hoping I get my $168 back. It would have been nice if Apple would have been more proactive in dealing with this.

re: "Nothing is going well for Apple!"... on one had, I want to agree with that statement and I'm even writing an article on it. They've certainly have a had a run of some headache-inducing stories. On the other... are you kidding?
They sold 3 million iPads in the first 80 days... the iPhone4 has been their best product launch EVER, and that's from a company that's the hands-down champ in product launches... even app sales are exploding all over again... and their shares, in a volatile market nonetheless, are the most popular tech shares on the market (and up more than double what they were when I bought them awhile back).
It's inevitable, as they get larger, that they'll get some bad press now and again. It's inevitable too that some of that will be, unfortunately, earned. But for a "bad month"... I'd say they're still doing okay. More companies right now would kill for a performance half as disastrous, don't you think?

"Why all the assumptions that it was a problem with an app or apple’s approval process. "
Easy. There are a bunch of idiot trolls that like to spew out their uneducated opinions about something that they have no first hand experience with. They just read about it on the android bloggyblogs and think they have to blab about it.

I have been hit up for nearly 1600.00 due to someone hacking into my Itunes acct. I will never use ITunes or PayPal again. These people who hack into accts should GET A LIFE !!!!!!!!!!!!!

I am disappointed by apples handling of the situation. I'll just get giftcards from now on if I want aps, and I had already decided to buy real cd's instead of virtual. It's to much of a pain to get bought songs back after a reformat. I still love my iPhone though.

A person necessarily assist to make seriously posts I'd state. That is the very first time I frequented your web page and thus far? I amazed with the analysis you made to make this particular put up amazing. Wonderful process!