There is a huge, thriving underground economy involved in the theft, sale, manufacture and abuse of Apple IDs, Palo Alto Networks researcher Claud Xiao told the BSides SF hacker conference in San Francisco. "The problem is, Apple IDs are used with too many services," Xiao said as he showed a slide listing 20 different Apple services accessible with an Apple ID, including the App Store, Apple Music, the Apple Online Store, iCloud, Find My iPhone, iMessage and the Mac App Store. "Every feature can be abused to make a profit." He explained that Apple IDs can be exploited to squeeze money out of almost any aspect of the Apple ecosystem, from deceiving users with spam Apple Messages, to locking users out of their devices and demanding ransom, to artificially pumping up the user ratings of dodgy apps so that they rank in the Top 10 on the App Store. Important Tip: Xiao didn't point it out, but some of the Apple ID thefts and abuses could be prevented by users implementing the two-factor authentication offered by Apple.
Feb-14-2017, 18:45:07 GMT