Apple still silent as more scams are found on App Store
The App Store may have an increasing scam problem thanks to shady developers, but so far Apple has yet to provide any official response on the issue. First reported on by The Next Web Sunday, several developers appear to be using methods to hack into user accounts and make more purchases of a particular developer's apps.
Developer Thuat Nguyen appears to be one of the first widespread examples of this. His apps in the books category at one point made up 40 of the top 50 applications, and users have reported in his comments that purchases of as much as $600 were made on their iTunes accounts without authorization, typically to his other apps.
Attempting to find any information on the developer is fruitless: his home page is nothing but a parked domain, and web searches on his name provide little if any further information. Apple has quickly moved to remove Mr. Nguyen's apps and they were unavailable for download when checked by Betanews on Monday.
Apple enthusiast sites have quickly jumped on the reporting by The Next Web and others, attempting to play down the situation. MacRumors called the issue "greatly exaggerated," pointing out at most that only hundreds of accounts were hacked out of over 100 million.
While that assessment of the situation may be indeed accurate, what is more troubling is that Nguyen's apps are not the only ones who may have found ways to scam unsuspecting iTunes users.
At least two other possible scam developers may be using similar practices. Charismaist has three apps available for download. One, an apparent sonic mosquito repellent has apparently scammed users out of as much as $100, even though it is marked as free.
Storm 8 is another example. A purveyor of games, the issue here is apparently the in-game point purchases. They can cost as much as $150, and one user reported up to $1,400 in charges alone due to one of their games. In this developer's defense, it doesn't appear at this time that the purchases are made without user consent, however.
Further investigation into the seedier developers on the App Store is ongoing by The Next Web and several other publications, so further issues are sure to appear. In any case, the first example of Mr. Nguyen's apps still appear to be the most troubling, since it does seem that purchases are happening without consent.
In all likelihood, this would indicate a possible flaw in Apple's App Store and/or in-app purchasing system, allowing for this activity to occur. That seems to be more likely then the accounts being hacked themselves, which would require the app to phish the iTunes password.