In association with heise online

07 July 2010, 11:05

Apple ejects vendor following App Store security problems

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Apple iPhone On Tuesday, Apple ejected a company selling applications for the iPhone, iPod Touch and iPad from the App Store for allegedly defrauding users. The company did not reveal the extent of losses incurred. The Vietnamese vendor is suspected of gaining access to users' accounts and using them to purchase its own comic apps. The scheme came to light when the vendor's books suddenly shot into the top 50 best-seller list, at one point occupying a total of 42 places.

The case raises questions over security on Apple's App Store. The company is advising affected users to contact their banks to block their credit cards and get their money back.

According to the Wall Street Journal, there are now 150 million iTunes accounts. The newspaper quotes an Apple press release which states that approximately 400 accounts were compromised, that the iTunes server was not itself affected and that the app developers did not gain access to any confidential user data. Apple reportedly wants to improve security measures by, for example, requiring users to enter their credit card security code more frequently.

According to the report, Apple's iTunes Store has been a frequent target for fraudsters, who generally gain access to a user's account, change the access details and then download as many songs, videos and applications as they can. Victims only become aware of the problem when they receive their credit card bill or try to access the iTunes Store themselves.

Based on estimates by security experts, the extent of iTunes account hacking is much smaller than that of other digital crimes such as identity theft. Hacked iTunes accounts are offered for sale on internet forums, but the trade is much lower volume than that for stolen credit card details or social security numbers.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit