Hacker Exploits iOS Flaw for Free In-App Purchases

Lex Friedman:

A hack that lets iOS users trick the App Store into giving them in-app purchases for free has gone public, potentially costing app makers revenue and causing Apple a major headache. […]

Alexey V. Borodin of Russia built the in-app purchase hack, which requires several steps — including installing bogus certificates on your device, and using a specially-crafted DNS server. Those ingredients combine to fool apps into believing that they’re communicating with the App Store, when they’re actually going to a Web server that pretends to the App Store instead. Borodin told Macworld that his exploit works in part by faking — or “spoofing” — the code receipts that Apple issues for in-app purchases which developers use for validation, with the iOS device configured to mistakenly believe that those receipts are coming directly from Apple.

Dalrymple has a short “we’re on the case” statement from Apple PR. Friedman has a good interview with Borodin, worth reading through to the end. Be sure not to have anything in your mouth when you get to the closing paragraph.

Friday, 13 July 2012