Russian “In-App Purchasing” trick got Appleâ€™s attention
In the past, in-app purchasing (IAP) hacks has only been available for jailbroken iDevices. But recently, a Russian hacker developed an ingenious way to bring that work around without the jailbreak.
According to a Russian blog (i-ekb.ru), zonD80 is the man behind the hack which breaches some of the device’s security processes without having to jailbreak the iDevice. In addition, this hack works on any iPod touch, iPhone and iPad running on iOS 3 to iOS 6 and can be done by just performing two simple steps.
The hack is done by tricking app and the device by installing two certificates and altering the DNS settings of your gizmo. The DNS setting will route your requests to the hacker’s servers. After doing such, your transactions are processed on the new server, which makes the transactions to be placed without incurring actual charges. This hack, however, does not work on all apps. Pretty neat, isnâ€™t it? But here’s the catch.
Besides the fact that it is illegal, youâ€™re also putting your personal information on the line by doing the hack. If the hacker chooses to, they should be able to access your info and use it in any way possible at any given time. So unless youâ€™re certain that youâ€™re ready for any possible repercussions that this hack may entail, we suggest to not do it.
Apple had taken already taken notice of this hack and they are already on it. Our guess is that it wouldnâ€™t take long before the Cupertino-based company to iron this out. As for the Russian hacker, there’s a good chance that it would take more than a slap in the hand and an earful of sermon before this is all said and done.