Report: Chinese iTunes Accounts Apparently Compromised to Artificially Boost Domestic App Rankings


If you’ve got an iTunes account in China, you might want to log in and check out your downloaded apps section. According to this Sina Tech report, Chinese users who’ve been doing that over the past few days have been finding something suspicious: their already-purchased apps screen includes lots of apps they never actually downloaded, most of them domestic mobile games. They began to report this on Sina Weibo and on a popular app discussion forum called iApps, where the editorial team began collecting reports and quickly determined this was not an isolated incident. The scope is not entirely clear, but it seems to be affecting quite a few users.

One user's iTunes account. The apps circled in red are ones the user says they never downloaded.

One user’s iTunes account. The apps circled in red are ones the user says they never downloaded.

After looking at which specific apps were appearing as purchased even though users had never actually downloaded them, iApps’s editors found that many of them were also apps that rank fairly highly on Apple’s China app charts. They thus concluded that these phantom downloads were the work of an app-promotion company that somehow gained access to user accounts and exploited this access by downloading the apps it was looking to promote, thus pushing them higher up Apple’s regional app charts.

It’s an explanation that makes sense, but Apple has yet to officially confirm or deny that anyone was able to somehow access Chinese iTunes users’ accounts. It’s also not clear how these accounts were accessed; the iApps investigation speculates that it could be related to jailbreaking, the use of third-party syncing apps, or any number of other possibilities. Some have also suggested it could be related to the recent hacking of Apple’s developer site, but that seems unlikely given that that hack appears to have been the work of a bug-testing security researcher with no ill intentions. User reports seem to vary quite a bit, and the accurate-but-unsatisfying answer is that no one seems to really know yet how these accounts were breached.

We’ve reached out to Apple for comment and will update this post if we hear back. In the meantime, Chinese Apple users should check their accounts and contact Apple support immediately if they discover anything suspicious.

(And yes, we're serious about ethics and transparency. More information here.)

Read More