Engadget reports that Apple has issued a statement on strange App Store rankings over the weekend that saw one Vietnamese developer grab nearly all of the top 50 positions in the App Store's Books category. While initial reports wondered if the App Store itself may have been hacked, in actuality it appears that a relatively small number of iTunes Store accounts compromised through other means were used to purchase the applications to drive their increase in ranking.
According to the statement released by Apple, the developer in question has been removed from the App Store for violation of the developer terms. The company also reminds users who have had their iTunes Store accounts or credit card numbers compromised to contact their financial institutions to request chargebacks and to change their passwords. Apple's statement reads:
The developer Thuat Nguyen and his apps were removed from the App Store for violating the developer Program License Agreement, including fraudulent purchase patterns.
Developers do not receive any iTunes confidential customer data when an app is downloaded.
If your credit card or iTunes password is stolen and used on iTunes we recommend that you contact your financial institution and inquire about canceling the card and issuing a chargeback for any unauthorized transactions. We also recommend that you change your iTunes account password immediately. For more information on best practices for password security visit http://www.apple.com/support/itunes.
With over 100 million iTunes Store accounts, it is inevitable that some number of accounts will be compromised through any of a variety of reasons, from random guessing of passwords to social engineering tactics such as phishing. A concerted effort could easily gather information for a very small proportion of accounts, but still offer the ability to affect rankings in low-traffic App Store categories such as Books.
