iOS hacker exploits flaw to get free in-app purchases

Apple are investigating an iOS exploit that allows in-app purchases to be obtained for free. The hack, which doesn’t require jailbreaking, involves installing fake certificates on an iPhone, iPad or iPod touch, and altering the device’s DNS settings. It works by tricking apps into communicating with a third-party server pretending to be Apple’s App Store.

Alexey V. Borodin, a hacker from Russia, has accepted responsibility for the exploit.

Speaking to Macworld, Borodin explained that his motivation was the game CSR Racing – which although free to download, includes a number of in-app purchases costing between £2.99 ($2.99) to £69.99 ($89.99).

“I was very angry to see that CSR Racing developer taking money from me every single breath”.

Responding to the exploit, Apple spokesperson Natalie Harrison told Macworld:

“The security of the App Store is incredibly important to us and the developer community. We take reports of fraudulent activity very seriously, and we are investigating.”

Aside from cheating developers out of money, the hack has security implications for anyone using it – Apple account IDs and passwords are transmitted in plain text, meaning they can be read by Borodin or anyone else involved.

Regardless of what you think of Borodin’s motives, he has at least exposed an apparent weakness in the methods Apple use to handle in-app purchases.

Hopefully a fix won’t be too far away.

[Via: Macworld]