“Hacking” Results In Mass Hysteria

It is no secret that any website is vulnerable to attack from a rouge programmer or group of them. Earlier today several news agencies reported that the iTunes App Store was “hacked” resulting in the developer of several poorly written applications gaining a spot on the top of iTunes top apps chart by committing fraud using compromised user accounts. As this situation continues to unfold it is beginning to look less like an actual attack against iTunes. It simply appears to be a select group of individuals who have had unauthorized access to their accounts.

Acts of this type happen on a daily basis. In the modern age of fast flowing information users fall susceptible to scams such as phishing very easily. Users also are not well off when it comes to the process of creating passwords. Statistically speaking, most users on the Internet use common phrases or guessable answers when it comes to the passwords that they use with their accounts. A lot even use the same weak password for everything so it is no secret that often times there will be those that cry out about people compromising their account.

When an attacker gains unauthorized access to an user account they may not always use it themselves. Often times large lists of passwords can be found floating around the Internet for sale to the highest bidder. These lists also can be chopped up and sold to different individuals who all share bad motives. The larger a website gets, the likelihood of people using malicious means of benefitting themselves also gets larger. With the size of the iTunes App Store there is the chance of fraud being committed on it everyday.

There is no official word yet from Apple regarding the incident, but it is a holiday so I doubt we would see it until Tuesday. Even without the report, it still seems unlikely that an actual exploit was gained access to within iTunes resulting in “hacking” occurring. This brings me to the point of this blog post. I believe that this word is being too easily used and as a result it is causing mass hysteria. This whole incident is really blown out of proportion. Unless there is actual exploitation of the iTunes stores backend I do not see how simple fraud committed by an individual can constitute the use of the word “hacking.”

Do not take this the wrong way. I am not saying that Apple is not vulnerable. Any large company is. With the size that they are there is always the possibility of an exploit within hundreds of thousands if not millions of line of code that the store is built upon, but I think media companies should really do a better job at investigating before they report such an occurrence. There is no need for mass panic if there is no actual exploit. Just some weak passwords at use. The best suggestion would be to change passwords and move on. As MacRumors.com said, they get reports of “hacked” accounts every now and then, but there is no reason to make a big fuss out of it.