Russian Hacker Gets Free In-App Purchases For iPhone and iPad
A Russian hacker who goes by the name of “ZonD80” has devised a way to get free in-app purchases from the Apple App Store- and it’s so simple, even non-hackers can do it. The hack has highlighted a major loophole in Apple’s highly-regarded security system, threatening their profits and their App Store’s reputation as a safe place for developers and entrepreneurs.
The hack has only three steps: download one security certificate from ZonD80′s website, then download another, then reset your DNS to one that will act as a “fake Apple App Store,” according to Gizmodo. This will tell the apps that you’ve already paid for the content, giving it to you for free.
Apple might be safe for the moment, as the hacker reports that his server has been overloaded with requests, and it would take him a few days to set up a more powerful one one if he can get it.
In response, Apple offered this statement to The Loop:
“The security of the App Store is incredibly important to us and the developer community… We take reports of fraudulent activity very seriously and we are investigating.”
What do you think? Is Apple’s security all hype?
Writer’s Note: Please don’t steal in-app purchases or other content.