Working with clients in North America, the firm, which helps mobile operators detect and block mobile attacks, revealed the hack after months of research.
AdaptiveMobile believes hackers in China have compromised thousands of North American Apple customers’ iCloud accounts before sending spam touting counterfeit goods to recipients also based in China.
While some 3,200 customer accounts have been hacked, up to 100,000 end users may have been on the receiving end of the spam messages, according to Cathal McDaid, the head of AdaptiveMobile’s threat intelligence unit.
“We can say confidently in North America, at least 3,000 people have had their iCloud accounts hacked and used to send text messages. And around the world, I would say certainly several thousand people have been affected by this,” he said.
“Then on the other side, anything up to possibly 100,000 people are receiving these types of messages because we’ve seen hundreds of thousands of messages being sent in just a two-month period in July and August.”
No Irish users are understood to have been affected, to date.
The company, which works with the likes of Vodafone, Three, and BT in the UK, has been able to help stop the attacks as they are detected but a complete solution will require Apple’s intervention, said Mr McDaid.
“The other main solution would be to see if Apple can do something on this side — maybe make it more difficult to pair a new device and make some sort of method where you get asked for confirmation before a new device can be paired because I don’t think this particular outcome and behaviour was foreseen when they initially developed this whole system.”
An Apple spokesperson was not immediately available to comment.
AdaptiveMobile employ 163 staff globally, with 60 based in Dublin.