In-app purchase hacker sets sights on Mac App Store

The exploit that let users get paid digital goods inside of apps without actually paying has jumped over to Apple's Mac platform.


The exploit that allowed users to purchase digital goods inside iOS apps without actually paying has jumped platforms and now works on Apple's Mac platform.

The Next Web notes that programmer Alexei Borodin, who created the iOS in-app purchase exploit, now has a similar solution for apps purchased in Apple's Mac App Store. Like the exploit for iOS, this too requires that users install special security certificates on their machines, though it also requires the installation of an extra helper program.
The hacked in-app purchase dialog (click to enlarge).

Earlier today Apple said it had a fix coming in the next version of iOS, due out in the next few months, that patches the exploit. In the meantime it offered a solution that requires developers to instate a cross-check for in-app purchases with receipts from its own servers.

The Next Web reports that before this method -- which Apple says will prevent iOS users from getting in-app freebies -- became available, more than 8.4 million free purchases were made. That's up big from the 30,000 that were reported immediately after the exploit became available last week.

CNET has contacted Apple about this newer exploit aimed at the Mac App Store and will update this post when we know more.

As mentioned in previous coverage, both Apple and its developers face a loss of profits if the exploit remains in use from would-be spenders. Developers get 70 percent of the revenue from purchases made inside their apps, while Apple gets the other 30 percent.

Featured Video
This content is rated TV-MA, and is for viewers 18 years or older. Are you of age?
Sorry, you are not old enough to view this content.

Details about Apple's 'spaceship' campus from the drone pilot who flies over it

MyithZ has one of the most popular aerial photography channels on YouTube. With the exception of revealing his identity, he is an open book as he shares with CNET's Brian Tong the drone hardware he uses to capture flyover shots of the construction of Apple's new campus, which looks remarkably like an alien craft.

by Brian Tong