Apple Taking Action Against ‘Free In-App Purchase’ Hack

Apple Taking Action Against ‘Free In-App Purchase’ Hack

Following last week’s report that a Russian hacker had discovered how to cheat developers out of payment for In-App Purchase items, Apple has now begun taking action to permanently disable the hack, including blocking the IP address of the server used by the Russian hacker.

TheNextWeb reports

Apple has begun taking steps to limit the impact of a flaw in its iOS in-app purchasing mechanism that allows iDevice owners to download free in-game content, but despite its initial efforts, the service remains operational.

Over the weekend, Apple began blocking the IP address of the server used by Russian hacker Alexey V. Borodin to authenticate purchases.

It followed this up with a takedown request on the original server, taking down third-party authentication with it, also issuing a copyright claim on the overview video Borodin used to document the circumvention method. PayPal also got involved, placing a block on the original donation account for violating its terms of service.

Besides stealing from developers, the hack also initially posed a security risk that could have allowed the hacker to steal iTunes account information from users, although the hacker insists that he has now made changes to eliminate that concern.

…cuts out Apple’s servers, ‘improving’ the protocol to include its own authorisation and transaction processes. The new method ‘can and will not reach the App Store anymore, so the proxy (or caching) feature has been disabled’”

Apple also issued a statement on Friday asserting that they would look into the problem. Unfortunately, despite Apple’s efforts so far, the service is still up, and the hacker responsible continues to work around the roadblocks put in place by Apple, including moving their service to another server in Russia.

Apparently some people are extremely determined to steal from Apple and developers, which raises an interesting question: Is it really worth all that effort just to save a few bucks on Smurfberries?

Related

  1. Woz Defends MegaUpload Founder Kim Dotcom
  2. United Continental CFO Zane Rowe Joins Apple As VP of Sales
  3. Tim Cook and the New Apple
  4. Walmart is Offering the 16GB iPad 2 for $299
  5. Pixelmator 2.2 ‘Blueberry’ Hits the Mac App Store – With Over 100 New Features!
  6. Black Friday: Windows Notebook Sales Down 10%, Mac Sales Flat
Apple Giveaways

iPhone X Giveaway

$999

Enter

MacBook Pro Giveaway

$1499.00

Enter

10.5″ iPad Pro Giveaway

$649.00

Enter

iPhone 8 Plus Giveaway

$800.00

Enter
Share