iTunes Hacked, PayPal Accounts Drained!

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
So the story that started out “iTunes HACKED, bank account drained!” wasn’t Apple’s fault at all. There is no “major security hole” in iTunes or PayPal and Steve Jobs didn’t steal your money either. Damn, I was ready to pounce on this one too. :D

Reports are appearing this morning about a major security hole in iTunes accounts linked to PayPal. At least one group of scammers has found a way to charge thousands of dollars to iTunes accounts through PayPal. One targeted customer told us, “My account was charged over $4700. I called security at PayPal and was told a large number of iTunes store accounts were compromised.”
Click to expand...
 
Are you sure about that Steve? Apple says this is from phising but alot of people hit are saying they never gave out their passwords...

Not to mention that paypal is acting like it's an itunes issue.

I'm guessing you're all buying it wrong
 
i don't get the point of this crime. committing a major crime like fraud for something that can be downloaded via bittorrent with a very minor chance of repercussions. is it that hard to get an invite to that what site? the only reason i can see is personal vendetta against the individuals, itunes or paypal. if it was just someone trying to expose a security flaw for positive reasons a single download and an email would suffice.
Posted via [H] Mobile Device
 
“My account was charged over $4700. I called security at PayPal and was told a large number of iTunes store accounts were compromised.” His email was filled with nearly 50 receipts from PayPall for $99.99 each. (Update: they were for “CastleCraft, Dragon Crystals (10000 Pack), Seller: Freeverse, Inc”). He was able to catch it before his bank disbursed funds to PayPal.
Click to expand...

This seems to be the biggest part of the story here... so nearly $5k was charged to his paypal, and paypal basically says "yeah looks like you got a lot of iTune charges" instead of fixing it, he's the one who has to fix it by freezing his bank assets.
 
I had my iTunes account hacked as well. Though I didn't have it linked with Paypal (I refuse to use Paypal after they screwed me a few years ago).
After (Changing my password) talking to Apple's customer support my iTunes account is locked until I provide proof who I am.
If I ever bothered to use iTunes I'd care, but I don't really.
The hacker drained a whopping .99 cents (all that was left from my gift card I got 5 years ago). They refunded it but ... meh.
 
Phosphoros said:
I had my iTunes account hacked as well. Though I didn't have it linked with Paypal (I refuse to use Paypal after they screwed me a few years ago).
After (Changing my password) talking to Apple's customer support my iTunes account is locked until I provide proof who I am.
If I ever bothered to use iTunes I'd care, but I don't really.
The hacker drained a whopping .99 cents (all that was left from my gift card I got 5 years ago). They refunded it but ... meh.
Click to expand...

Sounds like it is a itunes being hacked issue then.
 
Do we get another presentation from Apple saying that other sites get hacked too so its not just a problem with iTunes?
 
hahahahhaha...wait.... *goes cancels paypal account*
Click to expand...

its itunes with the problem, just unlink your itunes account to your paypal account i guess ;)

anyway , I guess it begins for apple,lol, I wouldnt be surprised if more dominant OSX Viruses are next,lol
 
I made five $1 purchases and one $2 purchase in 30 minutes the other day during the UBIsoft sale with my Paypal account and Paypal suspended my account since that many purchases so close together seemed rather suspicious to them.
 
Zepher said:
I made five $1 purchases and one $2 purchase in 30 minutes the other day during the UBIsoft sale with my Paypal account and Paypal suspended my account since that many purchases so close together seemed rather suspicious to them.
Click to expand...

Lol, My account was suspended a few weeks ago because I bought something online with paypal through opera mini :/
 
Zepher said:
I made five $1 purchases and one $2 purchase in 30 minutes the other day during the UBIsoft sale with my Paypal account and Paypal suspended my account since that many purchases so close together seemed rather suspicious to them.
Click to expand...

Sure, multiple small purchases like that would be suspicious. People will sometimes try a few $1 or $2 purchases just to see if the card works as somebody is less likely to notice their account being off a few $, once they know it works then they go for the larger purchases. Had you purchased all of your stuff at one time they wouldn't have seen an issue.
 
Steve doesn't need to do anything illegal to steal money - millions are killing themselves in huge ques just to give their cash to him ;)
 
dyzophoria said:
its itunes with the problem, just unlink your itunes account to your paypal account i guess ;)

anyway , I guess it begins for apple,lol, I wouldnt be surprised if more dominant OSX Viruses are next,lol
Click to expand...

Once the hackers and rooters understand how juicy that 10% market share is, they will attack. Mac users will not be prepared at all. It will be a bloodbath. I should get in on this actually...

OSX allows the user way too much room as far as ignorance of computer skills go. Instead of teaching the user better practices, they work around it and allow their ignorance to not affect the reason they wanted to use the computer. My take anyway....
 
XamediX said:
Once the hackers and rooters understand how juicy that 10% market share is, they will attack. Mac users will not be prepared at all. It will be a bloodbath. I should get in on this actually...

OSX allows the user way too much room as far as ignorance of computer skills go. Instead of teaching the user better practices, they work around it and allow their ignorance to not affect the reason they wanted to use the computer. My take anyway....
Click to expand...

Yeah, I'm almost hoping for 20+ % market share for OSX for this reason. Most viruses and trojans don't depend on security holes in the OS but on the stupidity of users. This is an area where OSX has a huge lead over Windows.
 
apple/itunes is a very shady company in my opinion... my father who downloads MAYBE $1-$2 a week got dinged with $2000 in a period of a week because someone stole/hacked his password (or itunes in general got hacked...), and itunes did nothing to stop it... I'm sorry but a simple algorithm should have spotted a user having a 1000x increase in sales practically overnight and notified my father at the $200 mark, let alone not notify him at all. He only noticed by checking his online banking..

And the cherry on top is itunes has ZERO support for fraud issues. They literally will not talk to you on the phone, all correspondences must be by email, and we all know how easy it is to explain yourself over email, nothing evvvvver gets misinterpreted... Thank god he had his account linked to his visa and not his debit card, visa took care of it instantly...
 
Glad to see this is getting out there

Happened to me in July to the tune of $1200, SMS and Vietnamese software purchased via my iTunes account that I have never made a purchase through. I only have an iPod as a gift and setup an account for whatever reason, never purchased a single item through the store.

Luckily my bank and PayPal caught it after a few transactions and locked everything down out of the $1200 that hit PayPal only $300 was taken from my bank account. I recovered my money from PayPal and canceled my iTunes account. This brings me to my next axe to grind with Apple. You cannot speak with a person in regards to an iTunes account you have to do it via email. I called several customer services numbers for Apple and each time I was directed to an iTunes web address where I could fill out a form. I will say the iTunes CSR was helpful in getting my account closed, but didn't really seem concerned about the breach. I found this odd.

A couple bumps in the road; while only a couple hundred dollars actually left my bank account PayPal refunded me for all the transactions which then caused my bank to release the $1200. There was a period of several days where I had $1200 in my PayPal account and could not transfer it back to my bank account as I had to get my PayPal account reconfirmed and whatnot. I had the funds to cover it, but if it had been for $5k or more I would have been hurting.

Not really anyone’s fault I guess I was in the process of getting reimbursed by my bank and I also called PayPal to let them know those charges were fraudulent. I also had to get a new debit card as my bank killed it as well, 5-7 business days. I wish they were like AMEX who will next day you a new card.

The thing that sucked was it happened again the next week as PayPal did not revoke the billing agreement with ITunes after the first occurrence. That's part of the problem, the billing agreement streamlines purchases, but it also makes it easier for someone to rack up charges as they don't need your PayPal password.
 
Eragon Dragonslayer said:
Lol, My account was suspended a few weeks ago because I bought something online with paypal through opera mini :/
Click to expand...
Opera Mini loads the page up on their server and then sends it out to your phone so to PayPal it was an IP from another state or country being used to access your account and make a purchase. I went through a similar thing as my job sends all web requests to a proxy server in another state. PayPal asked me to verify the IPs that had been accessing my account during the time of the fraudulent activity.
Exavior said:
Sounds like it is a itunes being hacked issue then.
Click to expand...
Bingo
Majikka said:
hahahahhaha...wait.... :( *goes cancels paypal account*
Click to expand...
Wrong account
Zellio2010 said:
Are you sure about that Steve? Apple says this is from phising but alot of people hit are saying they never gave out their passwords...

Not to mention that paypal is acting like it's an itunes issue.

I'm guessing you're all buying it wrong
Click to expand...
iTunes issue for sure, nothing else was purchased except iTunes stuff and I never give out my info so no phishing scam either. Hell, I almost couldn't remember my iTunes log in to get my account canceled.
greenfrogman said:
guess they used the same password for itunes for paypal
Click to expand...
Perhaps, but not in my case.
RyanLucier said:
apple/itunes is a very shady company in my opinion... my father who downloads MAYBE $1-$2 a week got dinged with $2000 in a period of a week because someone stole/hacked his password (or itunes in general got hacked...), and itunes did nothing to stop it... I'm sorry but a simple algorithm should have spotted a user having a 1000x increase in sales practically overnight and notified my father at the $200 mark, let alone not notify him at all. He only noticed by checking his online banking..

And the cherry on top is itunes has ZERO support for fraud issues. They literally will not talk to you on the phone, all correspondences must be by email, and we all know how easy it is to explain yourself over email, nothing evvvvver gets misinterpreted... Thank god he had his account linked to his visa and not his debit card, visa took care of it instantly...
Click to expand...
THIS. Why can I not speak to a person at iTunes? Both my bank and PayPal had helpful CSRs that seemed concerned and eager to help resolve the issue. Also, I never purchased anything from iTunes and then one day there are 20 transactions to the tune of $1200 and that doesn't seem strange? Why does PayPal and/or my bank have to catch it? It should never have gotten that far.
 
Lessons from the security paranoid:

1) Never link a debit card, PayPal, or any other cash equivilent to a 3rd party website (Apple or otherwise). For iTunes, Live, etc I only buy cards as needed and load the account that way.

2) Don't link your primary bank account with a service like PayPal.. don't link anything but a CC if possible. If you have to have an account linked (such as a frequent seller) create one specifically for that purpose that is not used for anything else.
 
This is still going on and I too do not for a minute believe I was Phished or keylogged. I woke up on labor day to 14 emails from Paypal for 652.31 in charges over a 5 hour period hell one 12 min window was 350 worth and in that 12 mins four transactions for 250 went through and NO ONE caught it. I am done with both itunes and paypal as soon as I get my money back. It pisses me off that the first words outta the paypal reps mouths were we are having massive fraud from Itunes atm almost so much we cant deal with it all... Then why on gods green earth are they still taking itunes purchases?!?!?! And why did/do they not have some increased fraud programs in place or something.... When you consider though that paypal immediately took the money back from itunes and then got the money from my bank that 1200 buck they can skim interest off of... Now granted my little 1200 doesnt make much interest but multiply that time the hundred or thousands affected time the ten days they get to keep your cash and you realize Paypal profits from this as much as the actual scammers.... Thats why they wont help you faster.
 
Err damn no edit... In one window I had 7 transactions in 12 mins that totaled 350 and 4 of those transactions totaling 250 of that amount all happened in 4 mins.. .One would have thought that amount that fast should have triggered the auto fraud programs especially when you consider many of the charges were for the same amounts.

I guess we just gotta hold our itunes accounts with two fingers and I await the wonderful presention where Mr. Jobs shows us how all accounts can be phished.....
 
You must log in or register to reply here.
Back
Top