In-App Purchase is Cracked By A Russian Hacker For The Free Downloading in iOS Applications [Video]

by monis on July 13, 2012 · 0 comments

Filed in: Apps,Appstore,iOS 5

The tale of users installing pirated applications in their iDevices is not new. Well, it’s one of the reason why most of the iOS users JailBreak their iDevices. Until now, one thing which they couldn’t do is to download in-app content inside cracked applications for free. Of course, it was certainly great for developers because they had a permanent solution. Not anymore, because a Russian hackers has figured  out a way to steal in-app content from these applications.

Due to the fact that this method doesn’t even require you to JailBreak your iDevice, it’s more vulnerable than any other method in iOS. It’s so darn easy that a newbie can perform this three step method without issues. It works on all iOS firmwares, starting from iOS 3.0 to iOS 6.0. However, this ‘in-app proxy method’ may fail for certain applications or regions, but it works in most of the cases.

The video cannot be shown at the moment. Please try again later.

Our main motive is not to encourage piracy. We just want Apple community to take notice of it and close the method as soon as possible. The hacker named ‘ZonD80′ has also posted a video demonstrations of the same telling people on how to perform the method. The first two steps include the installation of the certificates – CA, in-appstore.com and changing of DNS record in wifi settings. Once you have installed all three of them, you would be thrown with a dialogue box above the in-app purchase.

We do hope Apple would close this method soon. It sounds more serious than previous other JailBreak exploits since it doesn’t require a user to have a JailBroken device. As Apple hasn’t yet pushed a software update for the last JailBreak, there’s a probability that fix for this method could be delayed as well. What do you think? Does Apple need to release a firmware soon? Let’s know in comments.



You can subscribe to us via RSS or EMAIL