The Next Web has been running a series of articles that detail how corrupt app developers have been using what they describe as “app farms” to hack into users accounts and purchase their own apps. Since originally posting the article, the first developer mentioned, “Thuat Nguyen,” has been removed from the app store, but The Next Web is reporting several other suspiciously successful developers who may be running the same kind of scam. Several users are reporting unauthorized iTunes purchases in the comments.

[inline-ad align="right"]Alexandru Brie first reported on his blog how his app (Self Help Classics) had lost its position in the top 20 in the books category to a group of “badly coded Vietnamese manga apps.” All but one without reviews, and all by the same developer, Thuat Nguyen. After being in touch with the app store team, and hearing from Phil Schiller himself that Apple was looking into the problem, Alexandru posted an update to his original story that highlighted several other suspicious developers in the top 200 apps in the books category.

In contrast, Arnold Kim wrote on MacRumors that the issue of hacked iTunes accounts is not new, and points to a running thread they’ve had open since January 2008. Kim notes that the Books category is one of the smallest, representing a tiny amount of sales compared to the millions of iTunes accounts.

Right now, there are a lot of unknowns, and some good reasons to be suspicious of how widespread the problem really is. We don’t know if the code of the app store has truly been hacked, or if the crooked developers have been using password guessing and targeting users with weak passwords. If the app store really has been “hacked,” then the strength of your password won’t matter, but I think this is unlikely. A brute force password-guessing attack goes after the weakest link: the users.

No matter how widespread the problem is, Apple should be taking it seriously. It is apparent that there are still holes in the curated “walled garden” and that the overall problem of the app store, the approval process, is still broken. How can these crooked, worthless apps get in, when some truly useful apps do not?

Post in the comments if you’ve seen any unauthorized charges on your iTunes account.

Platform-A has determined that the servers that host Third Screen Media’s corporate web site were breached during the weekend of June 6-8, 2008. The breach resulted in malicious code and web pages being loaded on the web server. Third Screen Media’s web site is supported by a third-party hosting provider, which is completely separate from its production ad-serving systems. We have confirmed that the company’s advertising systems have not been impacted and remain secure.

The site has been taken down and all malicious content has been removed. Platform-A’s technical staff is investigating the breach to determine the appropriate changes necessary to secure the systems. Once the appropriate changes have been made, the site will be made operational again.

Jeff Bentley, a reader of our site accidentally stumbled into what seems like a hack by spammers of Third Screen Media, a mobile advertising company that was acquired by AOL in 2007 for $107 million and is now part of Platform A.

While surfing on his Blackberry browser, Bentley found that somehow one his sites had been hacked and there were some spammy links embedded in the header of the pages on that site. All the links were emerging out of Third Screen Media’s domain and were pages built for pharmaceuticals related spam. Essentially Third Screen is serving as a spam-farm for someone. We have written in the past about how WordPress themes are being used to embed spam links and other nefarious stuff. (He has links to everything on his blog.)

Anyway this brings up the question: how secure is Platform A’s ThirdScreenMedia? Or is it someone from within who is mucking around and using the company’s domain to serve up spam. Blame it on the gorgeous blue skies this morning, but I am having a hard time thinking that ThirdScreen themselves could be to blame and offering spam-links as a service ;-).

PS: I will update the post after I hear back from Platform A.

Related research and analysis from GigaOM Pro:
Subscriber content. Sign up for a free trial.

• 12 tech leaders’ resolutions for 2012
• The state of cross-platform media measurement
• Social third-quarter 2012: analysis and outlook