Someone got my iTunes account!!!

Discussion in 'iPad Hacking' started by wdpower, Jun 18, 2010.

  1. wdpower
    Offline

    wdpower iPF Novice

    Joined:
    Jun 2, 2010
    Messages:
    22
    Thanks Received:
    0
    Trophy Points:
    1
    Ratings:
    +0 / 0
    So Amex calls me today and asks me if the three charges for forty bucks each from iTunes is mine. I check my iTunes account and find some has been buying music since yesterday afternoon on my account. The only time i access my account is on my iPad. I've started the pleasantries of changing passwords, just wintering how this happened.

    I've now been on hold with apple for a half an hour listening to some horendice crap music.

    Man am i freaked out, never had my info stolen before.
  2. Code54
    Offline

    Code54 iPF Novice

    Joined:
    Feb 21, 2010
    Messages:
    10
    Thanks Received:
    0
    Trophy Points:
    0
    Location:
    Hurricane, WV
    Ratings:
    +0 / 0
    Make sure you also check for any other charges and get them on hold asap. I would also change any other accounts that you have and use the same password for. Good luck and sorry to hear about this - I hate thieves!
  3. Joker
    Offline

    Joker iPad Fan

    Joined:
    Jun 18, 2010
    Messages:
    181
    Thanks Received:
    0
    Trophy Points:
    0
    Location:
    Kuwait city
    Ratings:
    +0 / 0
    Maybe the guy hacked in your computer? I don't know much about hackin' and stuff.
  4. idbirch
    Offline

    idbirch iPF Novice

    Joined:
    Jun 19, 2010
    Messages:
    25
    Thanks Received:
    0
    Trophy Points:
    0
    Ratings:
    +0 / 0
    My account was hacked a month or so back. My bank called asking if I'd spent about £40 on iTunes, which I hadn't. When I logged into the iTunes store, the regional settings were now Chinese and they had bought a few apps and games.

    My credit card issuer gave me the money back no problems but it made me realise how insecure the app store is, I still don't think it's right that you can make purchases with just a single password. All other services I use at least employ mastercard's securecode system, apple use sod all.
  5. wdpower
    Offline

    wdpower iPF Novice

    Joined:
    Jun 2, 2010
    Messages:
    22
    Thanks Received:
    0
    Trophy Points:
    1
    Ratings:
    +0 / 0
    So far they have my account up to $800.00 Apple says there is nothing they can do, they can't remove the pending purchases or anything. I basically need to keep getting new credit cards and putting them on there and dispute them all.

    One guy at apple told me that I should log out of my iTunes account on my iPad after each use.

    I don't know if this is because of the JB on my iPad or not but first thing this am I restored the ipad fully and changed my password again.
  6. MikesTooLz
    Offline

    MikesTooLz Super Moderator Staff Member

    Joined:
    May 7, 2010
    Messages:
    2,364
    Thanks Received:
    19
    Trophy Points:
    0
    Location:
    Miami, FL
    Ratings:
    +20 / 0
    Could have been a number of things.

    I would also change the password on my email account. If they get your email password they can just read through your emails for any companies that your signed up with and then visit the site to request your password reminder be emailed to you where they could then read it and delete the message without you even knowing.
  7. wdpower
    Offline

    wdpower iPF Novice

    Joined:
    Jun 2, 2010
    Messages:
    22
    Thanks Received:
    0
    Trophy Points:
    1
    Ratings:
    +0 / 0
    Did not think of that, seeing as my Apple ID is my email. :(
  8. wdpower
    Offline

    wdpower iPF Novice

    Joined:
    Jun 2, 2010
    Messages:
    22
    Thanks Received:
    0
    Trophy Points:
    1
    Ratings:
    +0 / 0
    Well it took a couple of days and about seven calls. They finally got all the pending purchases off my account and reset my password. They say I should be all set. We'll see.
  9. MikesTooLz
    Offline

    MikesTooLz Super Moderator Staff Member

    Joined:
    May 7, 2010
    Messages:
    2,364
    Thanks Received:
    19
    Trophy Points:
    0
    Location:
    Miami, FL
    Ratings:
    +20 / 0
    is your email a Gmail account?

    If so they have some new security features, you can go into the settings and get the IP address and locations of where you have signed in. See if someone in another state/country has been signing in. The IP could be used to track down the person and im sure your CeditCard company would be interested in knowing the info for their investigation.
  10. USBill
    Offline

    USBill iPad Enthusiast

    Joined:
    Apr 29, 2010
    Messages:
    399
    Thanks Received:
    3
    Trophy Points:
    0
    Ratings:
    +3 / 0
    Did you change to root password when you did the jailbreak? Do you use open wifi networks to make purchases?
  11. wdpower
    Offline

    wdpower iPF Novice

    Joined:
    Jun 2, 2010
    Messages:
    22
    Thanks Received:
    0
    Trophy Points:
    1
    Ratings:
    +0 / 0
    @mike, my email was a com cat account. And the real strange part was that apple kept trying to email me things reset passwords and stuff and i wasn't getting any of it. I called comcast yesterday and we found that my email was set to reject all emails???

    @bill, I don't know anything about the root password and most purchases and dl'ds are done at work on an access point were we
    Each have our own ip, at home with encryption, or on the 3G network.

    I think what may have happened is one of the guys here at work went into something I won't discuss on here and put something I shouldn't have had on the iPad which i think may have been compromised to get my information.
  12. MikesTooLz
    Offline

    MikesTooLz Super Moderator Staff Member

    Joined:
    May 7, 2010
    Messages:
    2,364
    Thanks Received:
    19
    Trophy Points:
    0
    Location:
    Miami, FL
    Ratings:
    +20 / 0
    What look like happened is your comcast email account was compromized.

    They looked through it for and emails and spotted one from apple.
    They went to apple and requested your password since they have access to your email apple just sent the password over, they read it and deleted the message.
    Then once they had your account login and password they set your email account to delete new incoming messages so that you wouldnt notice all the new purchase emails apple sends when you buy stuff on iTunes.


    if it was due to your iPad or not we probably wont know, but it seems that your Comcast email account what got compromised.


    You may want to think about switching over to a free Gmail account. You will get a ton of more storage space. They have an awesome spam detection system, and you can look at who has logged into your account in the past, where they were from and what their IP address was.
    Last edited: Jun 22, 2010
  13. wdpower
    Offline

    wdpower iPF Novice

    Joined:
    Jun 2, 2010
    Messages:
    22
    Thanks Received:
    0
    Trophy Points:
    1
    Ratings:
    +0 / 0
    I do have one, I should probably use it more.
  14. MikesTooLz
    Offline

    MikesTooLz Super Moderator Staff Member

    Joined:
    May 7, 2010
    Messages:
    2,364
    Thanks Received:
    19
    Trophy Points:
    0
    Location:
    Miami, FL
    Ratings:
    +20 / 0
    comcast may have login info logged as well, you would have to request that they look it up though.
  15. mediadealer
    Offline

    mediadealer iPF Noob

    Joined:
    Jun 29, 2010
    Messages:
    1
    Thanks Received:
    0
    Trophy Points:
    0
    Ratings:
    +0 / 0
    i'm dealing with a similar issue. i woke up yesterday to my bank calling me letting me know of $1050 in itunes purchases.

    i log into my itunes account and see a bunch of charges for 'in app' purchases for virtual poker chips comming from the zynga app 'live poker 7k free' only problem is that I don't have this app installed on my ipad or any other 'idevice'

    I'd be interested to hear what was bought on the OP's itunes account.

    My Ipad is jailbroken, and I did take precaution and change the root password (seeing as cydia tells you to do that!) and I never bought anything (to my knowledge) over any unsecure wifi. i mainly use my own secure wifi (spa) or i use the att 3g.

    I really want to figure out how the attackers got my itunes account info. and what they have to gain by buying these virtual poker chips.

    i've only installed a handfull of JB apps: backgrounder, sbsettings, mywi (and that weird ROCK licensing program that get's installed with mywi) winterboard, fullforce, activator, open ssh, and a few themes i found in the cydia installer, which i've since deleted.

    Could there be a rogue app / theme or some other vunerability in cydia or ROCK that compromises security of our idevices and sends our itunes info to theives? I don't know but it sure seems like it.

    i've since changed my itunes password and removed my credit card from my itunes account, and working with apple (what a joke, they dont' have phone support for stuff like this, and they take forever to reply to email) and zynga to get refunds.

    so far zynga has actually replied to my email asking for a refund and for device info related to unauthorized charges, but they say "they can't find the transactions"

    just thought i'd add my 2 cents in here and let people know about my experience.
  16. ghostaliaz
    Offline

    ghostaliaz iPF Noob

    Joined:
    Jun 30, 2010
    Messages:
    1
    Thanks Received:
    0
    Trophy Points:
    0
    Ratings:
    +0 / 0
    Did you jailbreak your ipad?

    Did you jailbreak your IPad? If So that is probably the problem. The reason why I said that is, I was putting the IOS4 on my IPhone 3G & then since I use T-Mobile as my carrier then I had to jailbreak & unlock after I installed IOS4 & I was successful, but for some reason after I did all that crap everything seemed fine until I installed a shady App from the Cydia App Store & then my IPhone started moving slow as a turtle, so I then uninstalled the crapware that I just installed & then I restarted 2 times & then everything was ok. I love Cydia for giving me access to be able to use my IPhone 3g on T-Mobile network, but some of the shady characters & software are really scary because we do not know who these people may be,they may be thieves from China or Africa or here in the USA I don't know, but my gut feeling tells me to leave those malware infested app's alone. So for me I am not going to jailbreak my IPAD 3G 64GB because it is just not worth the trouble of identity theft. So if you installed any Apps from that so called Cydia app store,then I would uninstall everything & since you said that you restored your IPad, then I would not jailbreak it this time because it is just not worth the trouble especially when we are all doing shopping & maybe paying our bills on it & those Cydia Apps & the store filled with ton's of ad's just seem shady as heck & I am not going to install nothing else from there infested Cydia App Store because I simply do not trust it & you should not either. Good Luck!

Share This Page

Search tags for this page
can i tell if someone is trying to use my itunes uid
,
did someone change ny apple id
,
got an email saying someone used my itunes account
,
how can someone use my itune account when i have changed my password
,
how do i get others off my itunes account?
,
how i do i get someone off my itunes account
,

how to see what has been charged to my itunes acount

,
if someone has your itunes account info can they get ur banking account info
,

if someone how to get your itunes password

,

out your apple id if someone changed it

,

someone changed my apple id

,
someone changed my apple id and i can't access my ipad, what can i do?
,

someone changed my apple id password

,

someone changed my itunes password

,

someone else is using my apple id

,
someone has gon into my account and changed my apple id on my ipad what can i do?
,

someone is changing my itunes info

,

someone logged into my apple account

,
spmeone bought something with my apple id
,
wdpower@wdpower.com loc:us