Remember the in-app purchase exploit that allowed people to make in-app purchases without paying for them? Well, it looks like Apple has caught wind of the story and is currently investigating the problem. No word on how such an exploit managed to get under the noses of Apple security, but I guess it’s a good thing they’re looking into the problem and not ignoring it or pretending it wasn’t a huge concern – according to reports online, over 30,000 in-app purchases have already been made using the service.
Here’s an explanation from CNET of how the exploit works: “The technology behind the exploit re-routes in-app purchase requests. Instead of going to Apple, or a developer’s secured server, they go to an external server which pretends to be Apple giving it the OK. The setup requires installing two special security certificates on the phone, as well as making purchases when on Wi-Fi with modified DNS settings, meaning it doesn’t just work without some modifications.”
The website that hosted the details on how to enable it has already been given a takedown notice, so I guess that’s the first step. We’ll keep you posted on what happens next.
Next Story: Georgie Android app brings hope to the blind
- 2014-04-11: Mathematicians Develop App That Will Supposedly Eliminate Jetlag
- 2014-04-11: Hitman GO Arriving On iOS 17th April
- 2014-04-10: Amazon Announces Acquisition Of ComiXology
- 2014-04-10: Google's New Calendar App Gets A Visual Overhaul
- 2014-04-09: Mobile Gamers Tend To Quit After One Day, According To Study
- 2013-04-15: AppGratis Starts Petition Hoping To Revert App Removal
- 2013-01-17: Temple Run 2 Dashes To The Top Of App Store
- 2013-01-07: App Store Hits 40 Billion Downloads
- 2012-12-20: Google Play Is Growing Faster, While Apple's App Store Is Earning More Money [Report]
- 2012-07-13: App Store in-app purchases circumvented by hacker