Sloppy coding in some popular iOS games allows hackers to give themselves and others thousands of dollars’ worth of in-app purchases for free.

The hole was discovered by developers at DigiDNA, creator of a backup tool called iMazing that allows iPhone and iPad users to access their devices’ hidden file systems. The developers found that the app backup/restore feature in iMazing 1.3 exposes weaknesses in the way games like Angry Birds 2 and Tetris Free handle in-app purchases.

To demonstrate how easy it is to hack in-app purchases using this method, the DigiDNA team tweaked Angry Birds 2 to start the game with 999,999,999 gems — the equivalent of $10,000 of in-game credits.

The App Store suffered its worst security breach in history over the weekend, when it was discovered that hundreds of Chinese apps have a malicious program dubbed ‘XcodeGhost’ embedded in their software.

The huge security lapse made its way into legitimate apps thanks to Chinese developers who used a counterfeit version of Apple’s Xcode software that was uploaded to file sharing service Baidu. By using XcodeGhost to compile their apps, developers accidentally allowed the malicious code to be distributed through the App Store.

Apple has pulled infected apps off the store to stop stop the spread, but users still need to delete XcodeGhost apps off their devices manually. Most of the apps infected are mostly used in China, however some big name apps like WeChat, Angry Birds 2, and Didi Chuxing (Uber’s biggest rival in China) were also hit.

Here’s a full list of infected apps:

The disgruntled avians are headed your way yet again in a new game, cleverly titled Angry Birds 2, according to a fairly vague website and trailer from Finnish developer Rovio.

Details are scant, but here’s hoping we see more of the compelling gameplay of the first title in the series — and way less of the karting and endless running of recent releases.