Apple bans 'fraudulent' developer from iTunes
Apple has banned a Vietnamese developer from its app store after he was implicated in fraudulently pushing his titles to its best-seller list.
According to Apple, Thuat Nguyen hacked around 400 iTunes accounts, in order to use their credit card details to boost sales of his comic book apps.
Apple said it had tightened its security as a result of the hack.
It has put fraudulent activity on iTunes into the spotlight.
At one point Mr Nguyen's apps occupied 42 of the top 50 book apps sold.
In a statement Apple said that the developer and his apps have been removed from the iTunes store "for violating the developer Program License Agreement including fraudulent purchase patterns".
"The iTunes servers were not compromised. An extremely small percentage of users, 400 of the 150 million iTunes users, were impacted," it said.
It recommended that people worried that their credit card had been stolen should contact their financial institution and change their account password.
Apple said that its iTunes servers were not compromised but it has stepped up security.
It will now ask users to enter their credit card security code more frequently when making purchases on iTunes.
It is not the first time that users have complained about their iTunes accounts being hacked but it is one of the first that an app bought using compromised accounts has dominated the charts.
Amichai Shulman, chief technology officer of security firm Imperva, believes this was Mr Nguyen's biggest mistake.
"It was probably a bogus book and it was just a way to take money from one account and put it in another. If he had kept it out of the top 50 the scam may never have been detected," he said.
It is likely the details of iTunes accounts were acquired via a phishing attack or from other compromised accounts such as web mail, said Mr Shulman.
"We are seeing a trend for hackers targeting accounts such as iTunes, online poker accounts. You can monetise this kind of account very quickly," he said.
Amit Klein, the chief technology officer of Trusteer, a company which provides security for online payments, thinks Apple could do more to prevent such breaches.
"Hacks on iTunes are not so rare, there is a constant stream of reports even though they don't make the headlines. Apple could have better fraud detection and interact with iTunes users better," he said.