Many hacking stories start with the word Russian and the latest exploit against iTunes is no exception.
In this case, Russian hacker Alexey V. Borodin (aka ZonD80) seems to have worked out a way of getting around the authentication process for in-app purchases in all content running on iOS devices.
Untrusted vendor
He says more than 30,000 IAP transactions have been completed without any cash paid, and the process doesn't involve jailbreaking.
Instead, you install a couple of certificates and give Borodin's proxy server your iTunes username and password - hardly recommended.
He's been buying IAPs from various iOS games, uploading the digital receipts received from iTunes onto the proxy server.
Because iTunes' IAP receipts use a fairly open encryption approach - due to privacy and support concerns - these can then be sent out to any iOS device once an IAP request is made, fooling the game or app into thinking an official authenticated payment has been made.
Brute force database
Of course, one limitation of this approach is that it requires a receipt from every game (and presumably for each IAP option too) in order to work completely.
That's why the focus of the exploit has been on the games Borodin demonstrates himself 'hacking', notably Temple Run and CSR Racing - the latter's monetisation methods apparently being the cause of the hacker's frustration.
If so, it means he works fast as the game only came out two weeks ago.
A new stable door
As for ways of combating the hack, Apple will obviously be looking at changing its authentication process - perhaps involving a time-based process or shared secret key which isn't contained in the receipt.
Yet making the process more complex would mean all such apps need to be updated and could cause privacy issues as well as creating more failed transactions.
Similarly, publishers and developers can use their own authentication servers, although that's an added complication few but the largest outfits would be keen on undertaking.
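The mitigation sketched above (a time-based check plus a shared secret that isn't contained in the receipt, verified on a server) can be illustrated with an added example that is not from the original article and is not Apple's actual receipt format. The field names, the secret and the five-minute window are all assumptions.

```python
import hashlib
import hmac
import json
import time

# Hypothetical secret held only on the servers, never placed inside a receipt.
SERVER_SECRET = b"constructed-demo-secret"
MAX_AGE_SECONDS = 300  # assumed validity window


def issue_receipt(product_id, device_id, nonce, now=None):
    """Sign a receipt bound to one device, one request nonce and an issue time."""
    body = {"product_id": product_id, "device_id": device_id,
            "nonce": nonce, "issued_at": int(now if now is not None else time.time())}
    payload = json.dumps(body, sort_keys=True).encode()
    tag = hmac.new(SERVER_SECRET, payload, hashlib.sha256).hexdigest()
    return {"payload": payload.decode(), "tag": tag}


def verify_receipt(receipt, device_id, expected_nonce, seen_nonces, now=None):
    """Return (ok, reason); rejects forged, re-targeted, replayed and stale receipts."""
    now = int(now if now is not None else time.time())
    payload = receipt["payload"].encode()
    expected = hmac.new(SERVER_SECRET, payload, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, receipt.get("tag", "")):
        return False, "bad signature"
    body = json.loads(payload)
    if body["device_id"] != device_id:
        return False, "wrong device"
    if body["nonce"] != expected_nonce:
        return False, "nonce mismatch"
    if body["nonce"] in seen_nonces:
        return False, "replayed"
    if not 0 <= now - body["issued_at"] <= MAX_AGE_SECONDS:
        return False, "expired"
    seen_nonces.add(body["nonce"])
    return True, "ok"


if __name__ == "__main__":
    seen = set()
    r = issue_receipt("coins_100", "device-A", "nonce-1")  # constructed sample values
    print(verify_receipt(r, "device-A", "nonce-1", seen))  # genuine purchase
    print(verify_receipt(r, "device-B", "nonce-2", seen))  # same receipt sent to another device
```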
So while engineers are considering their options, it seems the entire iOS ecosystem has been completely exploited, even if few people will be foolish enough to actually use the hack.
No doubt, the midnight oil will be burning in Cupertino over the weekend.
[source: The Next Web]
Contributing Editor
A Pocket Gamer co-founder, Jon is Contributing Editor at PG.biz which means he acts like a slightly confused uncle who's forgotten where he's left his glasses. As well as letters and cameras, he likes imaginary numbers and legumes.