Codebreaker

Infinite loophole for purchasing apps

Marc Sanchez Jul 16, 2012

Russian hacker Alexey Borodin has found a pretty simple way make free in-app purchases on any Apple apps. Simple, of course, involves doing things like downloading a couple security certificates and changing a setting in your iPhone, which might scare off those of you who want to keep your phone running like new. If you’re willing to go through with altering your phone, you will then be able to go into apps and “buy” add-ons for the cost of f-r-e-e.

Gizmodo writes:

Most iOS games rely on in-app purchases to get money, so this is pretty bad for developers. It’s also quite a big security breach for Apple, which likes to brag about how safe and perfect its App Store ecosystem is.

Apple is looking into the problem and will, most likely, issue an update. And if you’re the type to go hunting around for instructions on just how to score these “free” in-app purchases, check out what the Guardian is saying:

A significant number of apps appear to be affected, but there are risks implicit in using Borodin’s system, because his site could see users’ Apple ID and password – which could then be used to defraud users.


Is saving .99 cents really worth it?

As a nonprofit news organization, our future depends on listeners like you who believe in the power of public service journalism.

Your investment in Marketplace helps us remain paywall-free and ensures everyone has access to trustworthy, unbiased news and information, regardless of their ability to pay.

Donate today — in any amount — to become a Marketplace Investor. Now more than ever, your commitment makes a difference.