The mysterious case of the unauthorised iTunes Store purchases

Glenn Fleishman
10 February, 2015
View more articles fromthe author

Apple remote, macworld australiaOn January 19, I received an email from Apple’s iTunes Store containing a list of songs I had recently purchased. The only problem? I hadn’t bought any of them.

Now, I’m highly paranoid about account issues, and have two-step verification enabled on both of my Apple IDs. I checked to make sure no other settings had been changed and I hadn’t seen any telltales of my account being cracked.

While I’m not an active target of abuse, I have waded into the GamerGate controversy, although purchasing about $8 in songs hardly seemed like something done to harass. Perhaps it was a ‘pilot fish’, an attempt to probe at a weakness, see if it could be exploited, and then used for worse ends? One of the songs was Mike Oldfield’s ‘Tubular Bells’, better known as the theme to the movie The Omen, which did seem a bit ominous.

I contacted Apple’s iTunes Store through links for reporting unauthorised or unwanted purchases, explained that I hadn’t bought the songs in question, and the charges were reversed. I had to schedule a call with a specialist to get my iTunes Store access unlocked, but my Apple ID remained active. So far, so good. I thought perhaps it was database corruption or some glitch in the system. With the volume Apple handles, unlikely events must occur, however infrequently.

Apple TV

The songs were purchased by an Apple TV that I almost never use.


Two weeks later, at midnight, I received a notification that a pre-order is ready to download. The trouble again? I hadn’t pre-ordered the song. I contacted Apple to see if something else was afoot. (It turned out the song in question was pre-ordered with the set of purchases I’d had reversed, and was delivered when available, so this wasn’t a new incident.)

I gave Apple permission to rifle my records, and they were able to pinpoint the date, time and device: an Apple TV on a Sunday evening, January 18. Curiouser and curiouser. While we own a 3rd-generation Apple TV, we rarely use it at this point.

How did we make a purchase from a device we didn’t use? Then I realised the culprit: an Apple Remote.

eyetv hybrid 2014 superb quality stick

An EyeTV lets you watch over-the-air TV on your Mac, and you can control it with an Apple Remote.


Early that Sunday, the power had gone out for 14 hours due to a windstorm that brought down trees in our neighbourhood. The power resumed mid-afternoon, and that evening, my kids and I were watching broadcast TV from a Mac mini captured by an old eyeTV tuner – which we controlled with an old white infrared Apple Remote.

Now, we’ve had that white Apple Remote for several years. The Apple TV is paired with a newer aluminium Apple Remote, and never the twain had met. Until now. Given that we’ve used both remotes separately for years, we must have hit some peculiar set of circumstances in which the white Apple Remote trained to the Apple TV. (I can’t tell if the power outage was the culprit, but the command sequence to pair is “press and hold the Menu and Next/Fast-forward buttons for 6 seconds” – and I certainly didn’t press that sequence!)

Then, while pausing, selecting menu items and otherwise controlling the eyeTV software, I was also invisibly navigating the iTunes Store on the Apple TV and purchasing songs. The sequence of purchases then made sense: all M’s – Mike Oldfield, ‘Mess Is Mine’ by Vance Joy, and MisterWives. (No offence to the artists in question; I don’t know their work at all, other than Oldfield.)

All that remained was to unpair the white Apple Remote from the Apple TV to get rid of the ghost in the machine.

Leave a Comment

Please keep your comments friendly on the topic.

Contact us