About 50,000 illegal accounts are being sold at taobao.com, China's largest online store, at prices ranging from 1 yuan to 200 yuan. [Google]
For merely 200 yuan ($30) a pop, an Internet user in China can purchase up to $200 worth of digital products at Apple Inc's vast music, movie and applications vault.
Far from being a benevolent offer by the fruit-favoring giant, this offer is the result of the theft of iTunes user account details stollen by hackers who then auctioned them online.
The Global Times discovered Wednesday that about 50,000 illegal accounts are being sold at taobao.com, China's largest online store, at prices ranging from 1 yuan to 200 yuan.
Potential buyers are promised access to music and movies through iTunes amounting to seven times more than the amount paid.
The only restriction is that all downloads should be made within 24 hours of the transaction being completed at Taobao.
The websites show that thousands of such accounts have been sold over the past several months.
"Of course these accounts are hacked, otherwise how could they be so cheap?" a customer service representative of one of the online stores admitted to the Global Times.
He assured that the hacked accounts were safe to use due to the legitimate holders being located abroad, but he warned that the accounts needed to be used as quickly as possible. He refused to comment on the methods used to obtain the accounts.
A Global Times reporter wired $5 to a seller through Taobao's online payment system, who then provided a username and password to iTunes.
Upon accessing the account, the credit card details of a user appeared in the payment information section with a billing address in the US.
Xu Yuanzhi, a Chongqing-based IT expert who has been following the case, told the Global Times that hackers either directly hack iTunes accounts owned by foreign users or steal the details of overseas credit cards, which are then used to register several iTunes accounts for purchases.
"A 24-hour limit is out of concern that the legitimate user will discover his account being violated and cancel his card within this period," Xu said.
Apple's iTunes has become the world's biggest music retailer, with revenue at $1.3 billion in the quarter ended March 27, according to official figures.
Apple CEO Steve Jobs said in June that iTunes has more than 150 million customers' credit card numbers on file.
On Apple's homepage's Support section, hundreds of users have posted stories about hacked accounts, dating back to September.
"I never used my iTunes account ... but somehow my credit card was charged with $300," wrote "Mawsandra."
In response to the "black accounts," a customer representative at Apple China told the Global Times that the company is offering only technical support and suggested that users "better safeguard their account information."
Apple enhanced the security for iTunes in July by requiring more frequent entries of credit card security codes when making purchases, but some say the company should do more.
"Apple can easily detect any fraud were they willing to do so," Xu said, explaining that Apple is technically capable of monitoring the suspicious transactions and blocking the accounts immediately. "But they are reluctant, as doing so would affect their business."
Jin Fei, a Beijing-based Internet security expert, called the practice "organized crime."
According to Jin, there are five trojan virus production-and-distribution groups in China, with more than 300,000 people engaged in developing and selling the virus used to secure the account information.
Cai Haining, deputy director of the Committee for Information Network and High-Tech with the Lawyers' Association of China, told the Global Times that Taobao should shoulder joint responsibility for its failure to supervise the legitimacy of products being sold on its website.
"It should require sellers to stop selling products if they are found to be illegal, or it should take the blame," Cai said.
