This morning a story started circulating about a Russian hacker who had hijacked Apple’s in-app purchasing system in iOS. Alexey Borodin had figured out how to intercept in-app purchases within App Store apps to get free access to content. The most disturbing part of the “hack” was that it is actually fairly simple to replicate on any (non-jailbroken) iOS device.
Apple has now responded with an official statement saying that it is looking into the issue.
The Loop reports:
“The security of the App Store is incredibly important to us and the developer community,” Apple representative Natalie Harrison, told The Loop. “We take reports of fraudulent activity very seriously and we are investigating.”
The Next Web has an interview with Borodin that details the process of how he was able to trick Apple’s in-app purchasing system, including how the problem can be fixed. Until Apple takes initiative, it’s theoretically possible for anyone with the right steps (and guts) to access any in-app purchase for free.
Source: The Loop