Last week saw fraud occurring in the iTunes system, when a rogue developer had somehow managed to snag 42 of the top 50 sales positions in the App Store’s “book” category with seemingly bogus content. There was some correlation between those suspicious sales and word of an increase in iTunes account fraud. This week the scam seems to hit Travel apps, blogs are reporting a new spat of potentially-fraudulent apps climbed the iTunes charts this week in the Travel section.
“Ars reader Harper Reed contacted us to detail the problem. His account was used earlier today to purchase 34 of WiiSHii Network’s apps without his permission, for a total of $168.89. The apps appear to mostly be travel guides for cities in China, and come in both English and Chinese versionsoddly enough, Reed ostensibly bought both.” reported Arstechnica.com
WiiSHii’s apps are also rising in the travel section suggesting that Harper Reed’s account may not have been the only one compromised. According to F-Secure’s data, approximately 20% of online users use the same password across multiple accounts, so if that one password is stolen, it opens up access to all of those user’s accounts. In this instance, Reed’s password was apparently not an easily guessable word, but there was no indication if he used his password elsewhere on the internet.