Apple This

According to recent reports, a small number of iCloud accounts that were supposedly protected by secure, randomly generated passwords have been hacked, raising suspicion by users that a security breach has happened within Apple’s servers.

Details of the hack come from a thread found on the Apple Support Communities forum. Users of iCloud have since voiced their concern that their accounts have been compromised with one affected customers saying that their Me.com email address was hacked and began sending out spam emails to everybody in the user’s contacts.

According to the user, “I never use my @me email for anything, and I guarantee someone didn’t break into the account by guessing my password (or brute force methods) – it’s a pseudoly randomly generated string of 15 numbers, letters (upper and lower case) and symbols (I worked in IT for many years and am perhaps overzealous about password security, which makes memorization a real pain). I’m worried that Apple’s iCloud servers themselves got hacked, as I see there are a few other people on the forums who are reporting that their account was used for spam in the last few hours.”

An additional thread was also started by a separate user experiencing the same problems. Both threads have relatively low numbers of replies and reader views, which suggests that any coordinated hack of iCloud accounts wasn’t widespread. Those that do believe they were hacked say that they found a series of spam emails in their Sent folders for their iCloud accounts.

The silver lining to this is that the spam emails only went out to contacts synced with the users’ iCloud account. Any contacts from Microsoft Outlook or Mozilla Thunderbird did not receive any spam. In addition to that, most of the users on the thread stated that they do not use their iCloud or MobileMe email addresses. They found out that their accounts had been compromised when they received messages from friends notifying them of the spam.

If you think you have been compromised, contact Apple Support. One user has already done so and stated that Apple Support helped them remove all of their contacts from their iCloud. That seems to be the only response so far as Apple hasn’t officially acknowledged the problem or delivered a viable solution.

Source: Apple Insider – Users raise questions about Apple’s security after iCloud hacks

Find out what is going on in the Tech Army World.

What are the Top 10 Money Making Missions?

What other companies have joined and what do they do?

How do I join the
Tech Army Organization ?

Important announcement for any MobileMe users out there! Users of this Apple service were warned over the weekend that a new phishing scam has been detected exploiting Apple’s up and coming iCloud cloud computing service.

Sophos, a computer security firm, stated that emails that are claiming to be coming from “The Apple store Team” are asking prospective victims to sign up for the iCloud service and then click the “submit” button.

A section on a Sophos blog post had an example of what one of the fake emails could look like:

“Please sign up for iCloud and click the submit botton (sic), you’ll be able to keep your old email addresses and move your mail, contacts, calendars and bookmarks to the new service.”

Sophos did note that Apple is planning on shutting down its MobileMe service mid-2012, just in time for the new iCloud service. iCloud will be able to store all of an Apple user’s music, photos, calendars and documents in the cloud.

“Understandably, a lot of MobileMe users are interested in how they will migrate to iCloud and this is the issue that the phishing email uses as bait,” Sophos stated.

Sophos added that clicking on the link in the email will take users to a third-party site that is trying very hard to present itself as an actual, legitimate Apple website.

The site will ask the user for credit card numbers, addresses, social security numbers, full date of birth, mother’s maiden name and Apple ID credentials.

“Crumbs! Imagine the harm a fraudster could cause with all that information,” Sophos stated. “Make sure you have your eyes peeled for phishing attacks and be on your guard regarding unsolicited messages you receive in your inbox. It could be you who gets hit by a phishing attack next.”

Source: GMA News – Apple iCloud used as come-on for phishing bait