Apple Patches Bug That Allowed In-App Purchase Hack

by Developer.com Staff

The company promises to fix the problem permanently in iOS 6.

Apple says that it now has a way for developers to prevent the hack that allowed users to make in-app purchases for free. In an unusual move, the company is giving mobile developers access to two private APIs that will allow them to fix the problem. Once developers apply the fix and users update their apps, it will wipe out fraudulent in-app purchases and prevent them from occurring again. According to Apple, iOS 6 will make the fix permanent.

Alexey Borodin, the hacker who created the in-app purchase workaround, acknowledged on his blog that the fix works. "[The] game is over," he wrote. "Currently we have no way to bypass updated APIs." Users applied Borodin's method to make an estimated 8.4 million fraudulent in-app purchases from at least 115 apps.

View article

This article was originally published on Monday Jul 23rd 2012
Mobile Site | Full Site