Apple takes steps to block iOS in-app purchase hackApple has enacted measures to block a hack that can allow users to obtain in-app purchases through the iOS App store for free.
The IP addresses used by a Russian hacker for the exploit were blocked over the weekend, according to The Next Web. Apple also reportedly issued a takedown request against the servers used, and issued a copyright claim to remove the YouTube video that showed users how to utilize the exploit.
In addition, PayPal issued a block on hacker Alexey V. Borodin's account, preventing him from collecting donations for violating its terms of service.
The hack, which entails installing forged digital certificates onto an iOS device and connecting to a unique DNS server, was first publicized last week. Apple quickly issued a statement to say it was investigating the matter, adding that the company takes "reports of fraudulent activity very seriously."
Prior to Apple's takedown efforts, Borodin claimed that his method had already been used to process more than 30,000 illegal in-app payment requests. However, the hack has not been completely quashed, as Borodin continues to find ways to keep the exploit alive.
Screenshot of Borodin's in-app purchasing workaround being used on CSR Racing. | ZonD80's YouTube channel
Apple's current methods to block the hack are likely a short-term fix. Developers believe a more permanent solution would be easy for Apple to create, though it would likely require a software update for iPhone and iPad users.
Apple first introduced in-app purchases with the release of iOS 3.0 in 2009. The feature was initially limited to paid applications, but was made available to free apps later that year. Apple takes a 30 percent cut of revenue generated from in-app purchases.
On Topic: iPhone
- 'iPhone 7' production affected by low yields on waterproof speaker, dual camera - report
- Intel plots attack on Apple's partnership with TSMC, looks to build A-series chips by 2018
- Apple again rumored to axe iPhone home button in 2017
- Apple to integrate Japan's FeliCa tap-to-pay standard in next-gen iPhone, report says
- Dangerous, targeted iPhone attack nullified by Apple with iOS 9.3.5 patch