Hacked Apple iTunes accounts sell in China for pennies on the dollar
By Katie Marsal
Published: 09:00 AM EST A Chinese online store is selling hacked, illegal iTunes accounts tied to active credit cards, offering $200 worth of content from Apple’s service for as little as $30.
China’s Global Times this week revealed that about 50,000 illegal accounts are being sold through taobao.com, with prices ranging from just 1 yuan to about 200 yuan, or $30. Many of the sales are said to be stolen iTunes user accounts being re-sold by hackers.
“Potential buyers are promised access to music and movies through iTunes amounting to seven times more than the amount paid,” the report said. “The only restriction is that all downloads should be made within 24 hours of the transaction being completed at Taobao.”
A reporter for the publication tested the sales by paying $5 to a seller on Taobao. In return, they were provided an iTunes username and password which allowed access to an account complete with credit card details and a U.S. billing address.
Last July, it was revealed that iTunes account holders were being targeted in a number of fraud cases, in which some iOS developers used stolen accounts to boost their sales rankings of iPhone software. Apple quickly made a public response to the matter, suggesting that customers review their iTunes account for unauthorized transactions.
“Developers do not receive any iTunes confidential customer data when an app is downloaded,” the company said in a statement. “If your credit card or iTunes password is stolen and used on iTunes we recommend that you contact your financial institution and inquire about canceling the card and issuing a chargeback for any unauthorized transactions. WE also recommend that you change your iTunes account password immediately.”
In August, Apple also bolstered the security of its Apple ID accounts, which are shared by iTunes and store credit card information for purchases. Users must verify their account information when they log into new devices, and new iTunes account passwords must have at least 8 characters with mixed capitalization.Book Mark it-> del.icio.us | Reddit | Slashdot | Digg | Facebook | Technorati | Google | StumbleUpon | Window Live | Tailrank | Furl | Netscape | Yahoo | BlinkList