Hacking news is spreading across the web. The security of androidforums.com was breached a few days ago. We also read the news that Yahoo Voices was hacked as well.
Now the latest news suggests that iOS in-app purchasing mechanism has been hacked by a savvy Russian hacker who posted a proof concept video. Check it out after the break!
9to5mac first pointed out this news which was posted first on a Russian blog i-ekb.ru. The credit is given to a Russian developer ZonD80 who runs the site In-AppStore.com. From his website, he collected donations to support development of the project.
The special thing about this method, and a worry for the jailbreak community, is that just requires a few simple steps and doesn’t need the device to be jailbroken. A report suggests the site has been put down by Apple but the developer confirms it is just under high load.
This is bad news for the fruit company. This is because once the crack is installed; anyone would be able to use in-app content free of cost in most of the apps. The method will work on all iOS devices running iOS 3.x to 6.x and is independent of the iOS version. Here’s a video showing the in-app proxy:
How to Get in-app purchases free of charge! No jailbreak required!
The instructions published are simple and require the installation of two certificates (CA and in-appstore.com) and changing the DNS record of the device located in the Wi-Fi section of the Settings. This will put the device in contact with the Russian server to circumvent the built-in protection, producing this confirmation dialogue.
In-AppStore in-app purchasing method
|Hacked In-App purchasing|
Not all the regions or apps are affected, but the first look shows the hack bypasses a large portion enough of third-party apps that support in-app purchasing to be called a major worry for the developers and the fruit company.
Update: Install In-Appstore.com Certificates and new Working DNS:
Step 1: Install the following certificates: http://18.104.22.168/certs/cacert.pem and http://22.214.171.124/certs/itcert.pem
Step 2: Connect to Wi-fi and Change your DNS to 126.96.36.199
Step 3: Now open the paid application, and try to make purchase. Instead of the standard window you should see this:
Step 4: Click like & Enjoy!
Unlockboot doesn’t like anything related to piracy. We are also against stealing what belongs to others. You might see our post on other blogs without credit attribution. If Apple doesn’t do anything, there would no use of making paid apps. Feel free to comment!