Hacker reveals method to get around Apple's in-app purchasing system

Hacker reveals method to get around Apple's in-app purchasing system

PanARMENIAN.Net - A Russian developer has published a method of obtaining in-app purchases from iOS apps for free, 9to5mac reports.

First noticed by Russian blog i-ekb.ru, the “in-app proxy” method does not require a jailbreak, can be completed by novices in three steps using just an iOS device, and allows users to install in-app content for free. The hack also works on all devices running iOS 3.0 to 6.0.

Russian developer ZonD80 appears to run a website called In-AppStore.com where donations are being accepted to support the development of the project and help keep servers up and running. The developer explained the three steps of the hack, which include the installation of CA certificate, the installation of in-appstore.com certificate, and the changing of DNS record in wi-fi settings. After the quick process, users are presented with a message when installing in-app purchases, opposed to Apple’s usual purchase confirmation dialog.

 Top stories
"These attacks again underline the fact that criminals will exploit any vulnerability in any system," said Sanjay Virmani.
If the companies had lost the case and damages were awarded, they could have tripled to some $9bn under U.S. antitrust laws.
11 EU interior ministers called on major Internet providers to swiftly report and remove material that could “incite hatred and terror.”
"We've checked and there's nothing wrong on our end," a Singapore-based spokesman for Google said in an email.
Partner news