Hacked Mac App Store & iTunes accounts vex Apple’s New Year

It turns out that Sony isn’t the only major consumer electronics manufacturer with hacker troubles this week. Apple has also had a rough first week of the New Year, watching as the painstaking security measures they’ve implemented on iTunes and their brand-new Mac App Store were both compromised.

Early this week, reports began to surface indicating that taobao.com, China’s largest online seller, had taken up the practice of selling hacked iTunes accounts for $30 each to customers who promised that they would be able to purchase digital entertainment valued at up to 7 times what they had paid. The Global Times reported that there were nearly 50,000 compromised accounts affected, and many contained credit card details for uses in the United States.

Hacked Mac App Store & iTunes accounts vex Apple's New Year

A taibaio.com representative admitted to the Global Times that the company knew the accounts had been hacked.

“Of course these accounts are hacked, otherwise how could they be so cheap?” he said to a reporter who posed as a customer. The rep then explained that the account was “safe to use due to the legitimate holders being located abroad,” but noted that it should be used “as quickly as possible.”

Apple has not yet commented directly about the breech. “We’re always working to enhance account security for iTunes users,” the company said in a press statement, but urged customers to change passwords immediately if they come across any suspicious activity in their accounts.

As if that wasn’t enough, the hackers were able to crack the DRM used on the company’s just-launched Mac App Store within a mere few hours of its online debut. An anonymous user posted instructions detailing how to replace files in app installation packages to allow paid apps to be used for free.

While that method won’t work on all apps, members of the high-profile hacking group known as Hackulous say that they have developed a program that will work on any app in the store, but won’t release it until February out of respect for developers.

“Most of the applications that go on the Mac App Store [in the first instance] will be decent, they’ll be pretty good. Apple isn’t going to put crap on the App Store as soon as it gets released. It’ll probably take months for the App Store to actually have a bunch of crappy applications and when we feel that it has a lot of crap in it, we’ll probably release Kickback… So we’re not going to release Kickback until well after the store’s been established, well after developers have gotten their applications up,” a member of the group told TorrentFreak. ”We don’t want to devalue applications and frustrate developers.”

Apple also has yet to respond to the App Store vulnerability, stating only that they’re pleased with the response the store has received thus far.

We’ll be keeping an eye out to see just how Apple plans to address these issues. Stay tuned.