Reports are pouring in on Apple’s discussion forums from a number of users who are claiming that their iCloud accounts have been compromised. These users claim that spam is being generated from their accounts to the contacts in their list, which essentially means that their account has been hacked.
The spam generated from the compromised iCloud accounts is typical. It lures the contacts in the user’s contact list to navigate to money-making sites and other classic spam spoofs.
While if a user or two had complained about this, it would have been different. But now that whole scores of users are reporting the very same problem, it does seem that perhaps Apple’s iCloud has been hacked into and user accounts have been compromised.
However, there is another possibility. Spammers may have been able to somehow access the contact list of a user without actually hacking his account. All they have to do then is to send spam to them while appearing to be the real user, which is quite easy. Email faking is quite common and can be accomplished through quite simple tools.
Given the multiple sources at which user data is typically placed these days, it wouldn’t be a surprise if it is eventually released that user contacts have been compromised through some service other than iCloud. However, equally possible is the happening that iCloud itself has been hacked and Apple’s much-touted fool-proof system has somehow been cracked by some notorious group.
So far, Apple hasn’t commented on the situation and it is only a statement from Apple or authentic opinion from a security expert that can spell out what exactly happened. We will keep you posted on the issue as soon as more details emerge.
Source: Apple discussion forum
Courtesy: CNET
[ttjad keyword=”ipad”]
The spam messages are in the user’s Sent mail folder, and the headers show them having been sent via the icloud webmail interface accessed by foreign IPs. At least one user had said those contacts were only in iCloud. A few users have said they don’t regularly use their @me.com email account nor even icloud. Other topics have appeared from daily users not about such spam, but about suddenly being locked out of their account. Daily users probably using email multiple times a day are perhaps noticing the password change as the first indication that anything is wrong, whereas rare users wouldn’t even know until it’s too late?