A hacker known as ZonD8o has reportedly come up with a method that enables you to makein-app purchases on iOS devices for free. The hack could be especially problematic for developers because it is so easy to pull off that even novices with no experience of hacking devices could do it. The device doesn’t even need a jailbreak to use the hack. The hack just needs you to download some security certificates from the hacker’s website, change some settings on the device’s Wi-Fi connection, and that’s it. The people at Apple blog 9to5Mac have tested it out and confirm that the hack works on several devices, from iOS 3 to the yet-unreleased iOS 6. The YouTube video posted by ZonD8o could be found here , but has since been taken down by Apple, citing a copyright claim. The method does not seem to work for in-app purchases in all apps. Apple provides a receipt verification service , which, if enabled, would render the hack by ZonD8o ineffective. According to the report by 9to5Mac, ZonD8o runsa website called In-AppStore where donations are being accepted to support the development of the hack and to help keep the servers running. Many apps on the iTunesApp Store depend on in-app purchases as their primary source of income, with the main appthemselves sometimes being free. TheNextWeb spoke with Alexey V. Borodin, a.k.a. ZonD8o, developer of thehack, about the hack andhow it works. Borodin was willing to share his findings with Apple, and says that he is no longerin charge of the In-Appstore site, and willbe deleting any information that he has about the site from his computer. TNW states that the site is now in the hands of anunnamed third party, as Borodin says he does “not want to be in jail=).” Apple responded to The Loop about the situation with this statement, “Thesecurity of the App Storeis incredibly important to us and the developer community,” Apple representative Natalie Harrison, told The Loop. “We take reports of fraudulent activity very seriously and we are investigating.” Apple has been having problems with cyber-security recently. A Java-based malware wasfound attacking older versions of OS X, and before that, the companyhad to remove what was believed to be the first malicious app in the iOS App Store, according to areport by MacRumors. Apple also recently removed the claim from its website that their devices were immune from viruses, according to a report by TUAW.
