Sick of pointless in-app purchases in a game, a Russian hacker figured out a way to fool iOS apps into believing you actually bought content when you really did not. The setup is straightforward: a few certificates installed on the device, a custom DNS server, and a proxy that tells the app what it wants to hear. It does not even require a jailbreak.
It only works for purchases whose receipts are validated on the device itself. An app that sends the receipt to its own server for validation is not affected, because all three pieces of the trick (the installed certificates, the DNS setting, the proxy) live on the device and have no effect on a server the attacker does not control. Most apps do not use server validation, though.
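As an added example (this is not code from the original article or from Borodin's tool), here is what the server-side validation that the attack cannot fool looks like in Python. The receipt is forwarded to Apple from the developer's own server, so the device's trust store and DNS settings play no part in the answer, and the server additionally checks that the receipt is for this app, for a product it actually sells, and for a transaction that has not been redeemed before. The bundle id, product ids, receipt string and the two stand-in verifier responses are constructed for the example; the JSON field names follow the layout of Apple's verifyReceipt response (status, receipt.bundle_id, receipt.in_app[]), and the forged answer is one plausible response a spoofing proxy could give, not a description of Borodin's actual proxy.

```python
import json
from typing import Callable

# Assumed values for the example: the app's bundle id and its product catalogue.
EXPECTED_BUNDLE_ID = "com.example.game"
KNOWN_PRODUCTS = {"com.example.game.coins100", "com.example.game.nohints"}


class ReceiptRejected(Exception):
    """Raised when a receipt must not unlock content."""


def validate_receipt(receipt_b64: str, expected_product: str,
                     ask_apple: Callable[[str], dict],
                     seen_transactions: set) -> dict:
    """Server-side validation of one in-app purchase.

    ask_apple is the server's own call to Apple's verifyReceipt endpoint,
    injected here so the example runs offline.  Because this runs on a host
    the attacker does not administer, the device-side tricks in the article
    (installed certificates, custom DNS, a proxy) cannot redirect that call.
    Returns the accepted in_app entry or raises ReceiptRejected.
    """
    resp = ask_apple(receipt_b64)
    if resp.get("status") != 0:
        raise ReceiptRejected(f"Apple returned status {resp.get('status')}")
    receipt = resp.get("receipt", {})
    # A "valid" receipt is worthless if it was issued for someone else's app.
    if receipt.get("bundle_id") != EXPECTED_BUNDLE_ID:
        raise ReceiptRejected("receipt belongs to a different bundle id")
    if expected_product not in KNOWN_PRODUCTS:
        raise ReceiptRejected("client asked for a product we do not sell")
    for entry in receipt.get("in_app", []):
        if entry.get("product_id") != expected_product:
            continue
        tx = entry.get("transaction_id")
        # Each transaction may be redeemed once; replaying a real receipt
        # is the other cheap way to get content for free.
        if not tx or tx in seen_transactions:
            raise ReceiptRejected("missing or already-redeemed transaction id")
        seen_transactions.add(tx)
        return entry
    raise ReceiptRejected("requested product is not in the receipt")


# Constructed stand-ins for the network call.  genuine_apple answers the way
# the real endpoint would for a purchase of coins100; spoofing_proxy answers
# "valid" for anything, with a canned receipt never issued for this app
# (an assumed forgery, not a capture of any real proxy's output).
def genuine_apple(receipt_b64: str) -> dict:
    return {
        "status": 0,
        "receipt": {
            "bundle_id": "com.example.game",
            "in_app": [{"product_id": "com.example.game.coins100",
                        "transaction_id": "1000000123456789"}],
        },
    }


def spoofing_proxy(receipt_b64: str) -> dict:
    return {
        "status": 0,
        "receipt": {
            "bundle_id": "com.otherdev.someapp",
            "in_app": [{"product_id": "com.example.game.coins100",
                        "transaction_id": "1000000000000001"}],
        },
    }


def run_demo() -> dict:
    """Run the same purchase through both verifiers, then replay the genuine one."""
    seen: set = set()
    receipt = "dGVzdA=="  # constructed placeholder receipt blob
    outcome = {}
    for name, verifier in (("genuine", genuine_apple), ("proxy", spoofing_proxy)):
        try:
            validate_receipt(receipt, "com.example.game.coins100", verifier, seen)
            outcome[name] = "accepted"
        except ReceiptRejected as e:
            outcome[name] = f"rejected: {e}"
    # A second redemption of the same genuine transaction must fail.
    try:
        validate_receipt(receipt, "com.example.game.coins100", genuine_apple, seen)
        outcome["replay"] = "accepted"
    except ReceiptRejected:
        outcome["replay"] = "rejected"
    return outcome


if __name__ == "__main__":
    print(json.dumps(run_demo(), indent=2))
```

The on-device equivalent would be the app itself posting the receipt to Apple's verification host and trusting whatever TLS endpoint the device resolves that name to; that is precisely the call the installed certificates, custom DNS and proxy hijack, which is why moving the call, and the bundle id and transaction id checks, onto a server you control closes the hole.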
The fact that Borodin’s hack exploits an apparent weakness in Apple’s system is unlikely to sit well with app makers. “The whole point of the [in-app purchase] system and the App Store is that you shouldn’t have to worry about the system,” Tabini said. “Otherwise, what are you giving Apple its 30 percent for?”
More to the point, app makers are far more likely to rely on Apple’s receipt validation approach than to build their own solution. “I’m willing to bet that 99 percent of all developers validate on iOS because it’s a lot of extra work to set up a server that does the validation,” developer Craig Hockenberry told Macworld.
This could hurt Apple badly, since there is apparently no way to fix the issue without changing how the in-app purchase system works, which means both system and app updates.