Posting email I received from Andrew Storms, director of security ops at nCircle Network Security:
There are absolutely enough key indicators here to warrant concern. The Pystar folks simply aren't escaping from this one unharmed. Lets start with Apple. They will most certainly sue under the terms of their EULA. Despite the outcome of any lawsuit, Apple has enough cash to send Pystar to bankruptcy regardless. Next, the consumers are going to have field day on this. If Pystar fails to deliver a product and they took credit cards, expect more lawsuits. This all assumes that Pystar is truly attempting to run a legitimate business.
What if they really aren't so innocent and they are in the business of crime? We already have a number of crimes committed which will send them to jail for a long time. Lets start with fraudulently collecting credit card numbers and misrepresenting themselves to the public. And now according to the Gizmodo piece, it appears that the same people are running a website which may be hosting malware. Let us not forget that these people and the websites are located in the US. Nobody launches or runs Internet based attacks from inside the US, its an instant go directly to jail coupon. I bet the FBI is already on the case and has these people under surveillance.