Apple seem to have leaked iCloud email addresses?

tigres · Apr 23, 2013

mentaluproar said:
Do you pirate software or install anything because an ad tells you? If not, you're fine

No, no.

I just don't get how my main email from .mac (that nobody has, nor do I use), can suddenly just get slammed.

something leaked, and i was not the one who did it.
I am anal about using alias's, in fact when one gets spammed I just stop that account from receiving and move on to the other one of 5.

jimb101 · Apr 23, 2013

I agree. Just yesterday? Dozens of spam - automated.

Coming from different email addresses but with the same or similar names. Often, but not always with the same ".ru"

The come so quickly they have the same timestamp.

silvetti · Apr 29, 2013

Tip for you guys (if you don't use gmail as a forward to @me), create an alias, i created with my name etc.other@icloud.com and I use this address for all registrations, I do not trust Macrumors with my real email even

GoCubsGo · May 30, 2013

I notice this is happening again. It starts slow and it's now back to about 2 dozen spam messages a day on an address I do not use. Time to remove it again from my iOS devices, it is a constant annoyance. Apple needs to fix this ****.

hystery · May 30, 2013

Is it secure enough to be used principally? I've got Gmail, iCloud and carrier email address and choosing only one of them to use by forwarding other emails to the one.
2 step verification is not even available for my country. Is anybody using iCloud as main, I wonder.

Switchback666 · May 30, 2013

hystery said:
Is it secure enough to be used principally? I've got Gmail, iCloud and carrier email address and choosing only one of them to use by forwarding other emails to the one.
2 step verification is not even available for my country. Is anybody using iCloud as main, I wonder.

Hmm im actually using iCloud as "main" for my freelance jobs, so far no spam

atleast inbox (i do not check junk box).

hystery · May 31, 2013

Switchback666 said:
Hmm im actually using iCloud as "main" for my freelance jobs, so far no spam atleast inbox (i do not check junk box).

Ive changed my pass to more secure 26 length random thanks to 1Password, i decided to use only iCloud. Realized that the best solution is to change pass fairly frequently...

Switchback666 · May 31, 2013

hystery said:
Ive changed my pass to more secure 26 length random thanks to 1Password, i decided to use only iCloud. Realized that the best solution is to change pass fairly frequently...

Is there an option like other services were you can choose to force change password every 'x' days ?

hystery · May 31, 2013

Switchback666 said:
Is there an option like other services were you can choose to force change password every 'x' days ?

Nah, unfortunately no. I meant that usually changing pass many times is painful but 1Password makes it easier and more accessible.
I wish if Apple releases something like onetime pass gen app using iphone unique id... Hope it gets better soon.

0970373 · Jun 19, 2013

tigres said:
No, no.

I just don't get how my main email from .mac (that nobody has, nor do I use), can suddenly just get slammed.

something leaked, and i was not the one who did it.
I am anal about using alias's, in fact when one gets spammed I just stop that account from receiving and move on to the other one of 5.

Ditto. All the spam has been coming to the main email which I do not use for any general purposes or register for anything on any website. Whatever the problem is, the amount of spam I've been getting is getting really annoying.

JMountainDew · Jun 19, 2013

I'm getting more spam again this week. Seems to come in waves. Have never used my icloud address for anything, nor do I have any spyware, nor do I allow third party cookies. (I also clear cookies and history after closing Safari.) IMO it had to be a leak.

dejo · Jun 20, 2013

tigres said:
I just don't get how my main email from .mac (that nobody has, nor do I use), can suddenly just get slammed.

something leaked, and i was not the one who did it

It's been mentioned in this thread before, but I think it bears repeating. There is also the possibility (and it's a pretty strong possibility, IMHO) that the spammers are just guessing at email addresses (or using programs to iterate over the possibilities; I can easily visualize a system of generating email addresses, removing those that come back undeliverable, and thus the remaining ones are viable targets).

fordfan · Jul 3, 2013

Recently I have been getting spam to my @me.com address and the emails are all generated from (info @ xx.mac.com), xx denoting a set of random letters. (today they were from "e" and yesterday "aq".) something is odd as they are using the .mac.com domain.

I have been reporting all of the emails to apple but to no avail.

Does anyone have any insight to this annoying problem?

Bear · Jul 3, 2013

fordfan said:
Recently I have been getting spam to my @me.com address and the emails are all generated from (info @ xx.mac.com), xx denoting a set of random letters. (today they were from "e" and yesterday "aq".) something is odd as they are using the .mac.com domain.

I have been reporting all of the emails to apple but to no avail.

Does anyone have any insight to this annoying problem?

Just one note. What an email says in "From" may not be where the messages are actually from. You would have to look at the full headers in the raw message to see where the message is actually from. And do not that some of the lines in the raw headers could be forgeries to help obscure the issue.

tigres · Jul 5, 2013

Another round last eve to a recent alias account.

Time to delete that one. 23 spam in 12 hours.

fivedots · Jul 5, 2013

If you or anybody uses the same XXXXXX@whatever.com on another service, that is the likely culprit.

They are simply splitting out usernames they know exist and affixing common email domains.

macfanatic9182 · Sep 21, 2013

fivedots said:
If you or anybody uses the same XXXXXX@whatever.com on another service, that is the likely culprit.

They are simply splitting out usernames they know exist and affixing common email domains.

I came across this thread through a spamhaus ROKSO listing

http://www.spamhaus.org/rokso/evide...le-seem-to-have-leaked-icloud-email-addresses

It seems as if we have all been getting spammed from Daniel Alvarez, Christopher Young, and Dennis Gill. This looks like a very serious situation that affects all providers and not just the iCloud accounts.

On http://knujon.com/ - it looks like an ip that they own is actually the most spammed IP in the world. Judging by the number of complaints they receive; it would not shock me at all if they sent pharmacy spam. I hope Apple will further investigate these individuals to see how they acquired my email address' and others to see if in fact it was a security flaw that allowed the emails to be leaked.

Further investigation of an IP that Spamhaus has listed as under their control http://knujon.com/ips/199.38.203.91.html shows:

cardigit.net - 258 - 7/30/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - DYNADOT
aromaris.net - 257 - 7/22/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - DYNADOT
healtelm.net - 288 - 7/30/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - DYNADOT
commerpl.net - 263 - 7/30/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - DYNADOT
lateknot.net - 276 - 7/30/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - DYNADOT
cinequit.net - 284 - 7/30/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - DYNADOT
chrislar.net - 247 - 7/30/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - DYNADOT
chottler.biz - 261 - 8/9/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - ENOM
chethspe.net - 260 - 7/22/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - DYNADOT
cheryost.net - 320 - 7/30/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - DYNADOT
cubithum.net - 268 - 7/30/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - DYNADOT
carrepsi.net - 294 - 7/30/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - DYNADOT
danairve.biz - 284 - 8/4/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - ENOM
logitail.net - 310 - 7/30/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - DYNADOT
btelyner.net - 313 - 7/30/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - DYNADOT
bruynner.net - 255 - 7/30/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - DYNADOT
bindarma.biz - 247 - 8/7/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - ENOM
markield.biz - 284 - 8/4/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - ENOM
matellam.com - 242 - 7/9/2013 - 9/18/2013 - FAIL - NS1.WATCH-TOWER-SYSTEMS.COM - 199.38.203.91 - ENOM
mccorerg.net - 311 - 7/30/2013 - 9/18/2013 - FAIL - NS1.TRUECENTERINC.COM - 199.38.203.91 - DYNADOT

Knujon shows that the domains are not working anymore but seems like the page directs a blank page. Perhaps a trick they use to trick knujon.com into thinking the domain has been suspended. It looks like they bounce from one registrar to another buying randomword.biz/net/com domains in order to get around the spam filters.

i'm tired of the ******** Dr. Oz spam and I hope Daniel Alvarez, Christopher Young, and Dennis Gill and whoever else is in their gang gets put in the slammer soon.

Search

Search

Apple seem to have leaked iCloud email addresses?

tigres

macrumors 601

jimb101

macrumors newbie

silvetti

macrumors 6502a

GoCubsGo

macrumors Nehalem

hystery

macrumors member

Switchback666

macrumors 68000

hystery

macrumors member

Switchback666

macrumors 68000

hystery

macrumors member

0970373

Suspended

JMountainDew

macrumors regular

dejo

Moderator emeritus

fordfan

macrumors newbie

Bear

macrumors G3

tigres

macrumors 601

fivedots

macrumors 6502a

macfanatic9182

macrumors newbie

Our Staff