
It seemed like things at Apple were rolling along smoothly. The company was steadily receiving its daily dose of a gazillion dollars, comfortably plump and lazy. But the iPad maker got a real scare… perhaps the first to interrupt its beauty sleep in quite some time.
Russian hacker Alexey Borodin hacked the purchasing system for iOS apps, making any purchases within apps free for users. Clearly alarmed, Apple got big and ugly with Borodin. First, the Cupertino giant blocked Borodin’s IP address. Then the company issued a takedown request for the hacker’s server, and finally it petitioned PayPal to close Borodin’s funding account.
But Apple proved no match for the Russian hacker. He simply moved his server to another country and got a donation fund going.
Borodin has been very vocal about Apple’s lack of security measures and inadequate APIs. The Russian native uploaded a video (http://www.youtube.com/watch?v=OqJppayqnfM) and declared that Apple, not he, should fix the issue… Apple was actually transferring its users’ IDs and passwords without any kind of encryption…
The technique Borodin used to implement the hack is actually quite simple. The Russian installed a certificate to emulate the verification receipt from the Apple App Store.
SOURCE: http://www.zdnet.com/apple-tries-to-block-ios-in-app-purchase-hack-fails-7000000985/