Apple Blocks Servers Used for In-App Purchases Hack, Service Still Operational

Posted July 16, 2012 at 1:49pm by iClarified | Please help us and submit a translation by clicking here | 8262 views

Apple has blocked servers used to obtain in-app purchases for free; however, the hacker behind the exploit, Alexey V. Borodin, has managed to keep his service operational, reports TNW.

Blocking the original 'attack' route, Borodin sidestepped the authentication issue by migrating the service to a new server. Apple was able to pressure the host of the original server -- which was located in Russia -- into dropping Borodin's service, but according to the Russian hacker, the new server is hosted in an offshore country in an attempt to evade Apple's legal requests.

Borodin tells us that the new service has been updated and cuts out Apple's servers, "improving" the protocol to include its own authorisation and transaction processes. The new method "can and will not reach the App Store anymore, so the proxy (or caching) feature has been disabled."


The hacker has also updated the service to require that users be signed out of their iTunes account in order to mitigate claims that he is logging user information. "They [the users] need to sign out so they don't scream to the Internet that I am stealing their credentials."

It still appears that apps which properly validate in-app purchase receipts are unaffected by the hack; however, many apps do not do this. Borodin wants Apple to adapt its APIs or place new blocks on its service.

Of course, we recommend users do not use this service but rather continue to support developers with legitimate in-app purchases.

Read More [via TNW]


Share
Add Comment
3abbid - July 16, 2012 at 1:57pm
I already bought the app for 1.99.. I am not paying 19$ for stupid points or stars! I donated for the IAP cracker app, because i love it... They have got support anytime!
Follow iClarified
Halo Back Screen Protector Adds a Back Button to Your iPhone [Video]
Halo Back, is a screen protector dubbed the '...
18K Gold Plated Apple Watch and Link Bracelet [Photos]
Check out this stainless steel Apple Watch wi...
How to Add a Startup Sound to Mac OS X
Instructions on how to set a startup sound fo...
Gold Apple Watch Edition Unboxing [Video]
Apple is starting to deliver gold Apple Watch...
Mozilla is Recruiting Beta Testers for the iOS Version of Firefox
Mozilla is getting closer to releasing Firefo...