Panki
BOFH
- Messages
- 13,104
Hackers found a way to unlock paid features without any money being withdrawn from the iTunes account of the user.
App-Developers use In-App purchases to sell extra levels for games or to hide advertisements. A tool for jailbroken iOS-devices has been seen on the internet which stops the In-App-Purchase requests before they reach the Apple server. The tool then fakes the answer of the server that the transaction was successfull.
According to a list with 300 apps this is in the very most of the cases successfull. But there are exceptions, as some servers check if the user has really bought the premium content. Some developers even go as far as blocking the device ID (UUID).
Source: http://www.heise.de/security/meldung/In-App-Einkaeufe-des-App-Store-geknackt-1354296.html , translated by me
App-Developers use In-App purchases to sell extra levels for games or to hide advertisements. A tool for jailbroken iOS-devices has been seen on the internet which stops the In-App-Purchase requests before they reach the Apple server. The tool then fakes the answer of the server that the transaction was successfull.
According to a list with 300 apps this is in the very most of the cases successfull. But there are exceptions, as some servers check if the user has really bought the premium content. Some developers even go as far as blocking the device ID (UUID).
Source: http://www.heise.de/security/meldung/In-App-Einkaeufe-des-App-Store-geknackt-1354296.html , translated by me
