The last week saw Apple's in-app purchasing system being compromised by a Russian hacker named Alexey Borodin, who used a man in the middle attack to bypass Apple's servers and enable free in-app purchases.
Although the process isn't easy, nor does it work with all purchases, it is a threat to developer revenues nonetheless, which is why Apple responded on the same day saying that its teams were working on fixing the hole exploited by this hack.
Additionally Apple is also blocking Borodin's server IP addresses to hinder the authentication process after the in-app purchase.
It appears that Apple has now started taking moves to block the in-app purchase hack. The original YouTube video the hack has been taken down, Borodin's PayPal account has been blocked and his site's servers had to be moved after the original hosting provider denied service responding to Apple's requests.
It remains to be seen whether an OS upgrade and a change in the in-app purchase process fixes this.\
\
Despite all these hindrances, Borodin still runs the service successfully, working around all these restrictions imposed by Apple.
0 comments:
Post a Comment