Many hacking stories start with the word Russian and the latest exploit against iTunes is no exception.
In this case, Russian hacker Alexey V. Borodin (aka ZonD80) seems to have worked out a way of getting around the authentication process for in-app purchases in all content running on iOS devices.
Untrusted vendor
He says more than 30,000 IAP transactions have been completed without any cash paid, and the process doesn't involve jailbreaking.
Instead, you install a couple of certificates and give Borodin's proxy server your iTunes username and password - hardly recommended.
He's been buying IAPs from various iOS games, uploading the digital receipts received from iTunes onto the proxy server.
Because iTunes' IAP receipts use a fairly open encryption approach - due to privacy and support concerns - these can then be sent out to any iOS device once an IAP request is made, fooling the game or app into thinking an official authenticated payment has been made.
Brute force database
Of course, one limitation of this approach is that it requires a receipt from every game (and presumably for each IAP option too) in order to work completely.
That's why the focus of the exploit has been on the games Borodin demonstrates himself 'hacking', notably Temple Run and CSR Racing - the latter's monetisation methods apparently being the cause of the hacker's frustration.
If so, it means he works fast as the game only came out two weeks ago.
A new stable door
As for ways of combating the hack, Apple will obviously be looking at changing its authentication process - perhaps involving a time-based process or shared secret key which isn't contained in the receipt.
Yet making the process more complex would mean all such apps need to be updated and could cause privacy issues as well as creating more failed transactions.
Similarly, publishers and developers can use their own authentication servers, although that's an added complication few but the largest outfits would be keen on undertaking.
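To make the two mitigations above concrete (a time-based check plus a shared secret that isn't in the receipt, enforced on a developer's own server), here is an added sketch that is not from the original article and is not Apple's receipt format. The field names, the secret and the five-minute window are all assumptions chosen for illustration.

```python
import hashlib
import hmac
import json
import time

# Assumption: a key shared by the store and the developer's server, never sent to devices.
SHARED_SECRET = b"constructed-demo-secret"
MAX_AGE_SECONDS = 300  # time-based check: older receipts are refused


def sign_receipt(product_id, device_id, transaction_id, issued_at, secret=SHARED_SECRET):
    """Store side: tag the receipt fields with a key that is not inside the receipt."""
    fields = [product_id, device_id, transaction_id, issued_at]
    tag = hmac.new(secret, json.dumps(fields).encode(), hashlib.sha256).hexdigest()
    return {"product_id": product_id, "device_id": device_id,
            "transaction_id": transaction_id, "issued_at": issued_at, "tag": tag}


class ReceiptVerifier:
    """Developer-server side: accept a receipt once, for one device, while fresh."""

    def __init__(self, secret=SHARED_SECRET):
        self.secret = secret
        self.seen_transactions = set()

    def verify(self, receipt, requesting_device, now=None):
        now = time.time() if now is None else now
        expected = sign_receipt(receipt["product_id"], receipt["device_id"],
                                receipt["transaction_id"], receipt["issued_at"],
                                self.secret)["tag"]
        if not hmac.compare_digest(expected, receipt["tag"]):
            return "rejected: bad tag"
        if receipt["device_id"] != requesting_device:
            return "rejected: receipt issued to another device"
        if now - receipt["issued_at"] > MAX_AGE_SECONDS:
            return "rejected: receipt expired"
        if receipt["transaction_id"] in self.seen_transactions:
            return "rejected: transaction already redeemed"
        self.seen_transactions.add(receipt["transaction_id"])
        return "accepted"
```

With checks like these, a receipt copied from one purchase and handed to a different device, reused, or presented late is refused even though its contents are readable.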
So while engineers are considering their options, it seems the entire iOS ecosystem has been completely exploited, even if few people will be foolish enough to actually use the hack.
No doubt, the midnight oil will be burning in Cupertino over the weekend.
[source: The Next Web]
Contributing Editor
A Pocket Gamer co-founder, Jon is Contributing Editor at PG.biz which means he acts like a slightly confused uncle who's forgotten where he's left his glasses. As well as letters and cameras, he likes imaginary numbers and legumes.