Apple iTunes reportedly hacked by malicious app developers

RadioRaiders · Jul 12, 2010

I'm a little confused, I never heard the term "app farm" before I actually don't fully understand this either. If I understand correctly, the idea is for the hacker to break into peoples iTunes accounts, and then buy his own app with the stolen account? If yes, then I think the hackers "end-game" is kind of flawed, because they are bumping their own app to the top of the list, but then it will quickly get yanked as soon as Apple receives complaints that the same app is purchaced multiple times with stolen accounts. Looks like a dead-end game. I don't see any chance of "windfall profits" as the article suggests. It just looks like more "fly swatting" for Apple, nothing unusually devious, is it?

Tue Jul 6, 7:22 pm ET

How do you get your application to the top of the iTunes App Store sales chart?

One way is to make an awesome program that everyone wants. The other: Hack the system.

Website the Next Web is offering ongoing coverage of a developing story regarding what it calls “widespread” hacking of iTunes accounts on Apple’s online software store. Late this weekend news broke that at least one developer had created an “App Farm,” which involved hacking Apple user accounts, then using them to purchase numerous apps from the site — spending up to $1,400 in total in some cases.

Sounds like a common scam, but there’s more: The goal appears not so much to be making money through these sales but increasing the overall sales volume of the apps, such that Apple’s algorithms notice and put those apps on the top of the best-sellers list. If the scam were to pan out, a small investment in hacking a few iTunes accounts could then lead to a massive windfall of earnings, as best-selling apps tend to maintain that best-selling status, since they are vastly more visible to users of the store in general, essentially earning some very valuable free advertising — and naturally lots more sales, too.

It’s unclear how many scams like this are running, but Next Web says the App Store is “filled with” these App Farms, and that all hail from Asia, likely hoping that this will grant them legal immunity, or at least the difficulty of prosecution.

Apple has somewhat acknowledged the issue but has offered only a minimal response, namely suspending the first app developer caught rigging the site this way and telling users with hacked passwords to change them.

Engadget notes that the company has “vaguely confirmed” that fraud is happening on the site — though the issue could be severe; the site notes that in the books category, one rogue developer managed to dominate 42 out of the top 50 slots with this scan. All Apple is saying is that you should check your account for fraudulent activity, change your password if you’ve been hacked, and alert your credit-card company if you’ve been affected.
Click to expand...

Apple iTunes reportedly hacked by malicious app developers - Yahoo! News

dmapr · Jul 12, 2010

RadioRaiders said: ↑

I'm a little confused, I never heard the term "app farm" before I actually don't fully understand this either. If I understand correctly, the idea is for the hacker to break into peoples iTunes accounts, and then buy his own app with the stolen account? If yes, then I think the hackers "end-game" is kind of flawed, because they are bumping their own app to the top of the list, but then it will quickly get yanked as soon as Apple receives complaints that the same app is purchaced multiple times with stolen accounts. Looks like a dead-end game. I don't see any chance of "windfall profits" as the article suggests. It just looks like more "fly swatting" for Apple, nothing unusually devious, is it?

Apple iTunes reportedly hacked by malicious app developers - Yahoo! News
Click to expand...

It could be similar to the way all the spam email works — sheer quantity. The success of this strategy will depend on how quickly Apple can react to reports and yank the app and on how many people are likely to purchase a $1 top-seller that caught your eye just to "check it out". So if it turns out that each app makes it to 25–50K people before Apple pulls the plug on it and you manage to do it with 20-30 apps, that's a nice little chunk of change for you. Whether or not that qualifies as windfall profit is another matter

RadioRaiders · Jul 12, 2010

dmapr said: ↑

It could be similar to the way all the spam email works — sheer quantity. The success of this strategy will depend on how quickly Apple can react to reports and yank the app and on how many people are likely to purchase a $1 top-seller that caught your eye just to "check it out". So if it turns out that each app makes it to 25–50K people before Apple pulls the plug on it and you manage to do it with 20-30 apps, that's a nice little chunk of change for you. Whether or not that qualifies as windfall profit is another matter
Click to expand...

Hmm, yea, I was thinking for it to be successful it would have to be more sophisticated and cunning, but true, "brute force" style attacks could be even more successful (look how crippling bonnets are). Still, I don't think Apple will let this "app farming" thing get too far. There's got to be a way to go after the source and shut them down... ok, even if it does turn out to be a game of "whack-a-mole"

dmapr · Jul 12, 2010

RadioRaiders said: ↑

Hmm, yea, I was thinking for it to be successful it would have to be more sophisticated and cunning, but true, "brute force" style attacks could be even more successful (look how crippling bonnets are). Still, I don't think Apple will let this "app farming" thing get too far. There's got to be a way to go after the source and shut them down... ok, even if it does turn out to be a game of "whack-a-mole"
Click to expand...

Yes, I don't think it'll be something that has a long run, but these initial hackers may very well be getting their investment back, plus some.

Forums

Welcome to Our WirelessAdvisor Community!

Apple iTunes reportedly hacked by malicious app developers

RadioRaiders RF Black-Belt
Senior Member

dmapr Silver Senior Member
Senior Member

RadioRaiders RF Black-Belt
Senior Member

dmapr Silver Senior Member
Senior Member

Share This Page

Useful Searches

Welcome to Our WirelessAdvisor Community!

Apple iTunes reportedly hacked by malicious app developers

RadioRaiders RF Black-Belt Senior Member

dmapr Silver Senior Member Senior Member

RadioRaiders RF Black-Belt Senior Member

dmapr Silver Senior Member Senior Member

Share This Page

RadioRaiders RF Black-Belt
Senior Member

dmapr Silver Senior Member
Senior Member

RadioRaiders RF Black-Belt
Senior Member

dmapr Silver Senior Member
Senior Member