Many hacking stories start with the word Russian and the latest exploit against iTunes is no exception.
In this case, Russian hacker Alexey V. Borodin (aka ZonD80) seems to have worked out a way of getting around the authentication process for in-app purchases in all content running on iOS devices.
Untrusted vendor
He says more than 30,000 IAP transactions have been completed without any cash paid, and the process doesn't involve jailbreaking.
Instead, you install a couple of certificates and give Borodin's proxy server your iTunes username and password - hardly recommended.
He's been buying IAPs from various iOS games, uploading the digital receipts received from iTunes onto the proxy server.
Because iTunes' IAP receipts use a fairly open encryption approach - due to privacy and support concerns - these can then be sent out to any iOS device once an IAP request is made, fooling the game or app into thinking an official authenticated payment has been made.
Brute force database
Of course, one limitation of this approach is that it requires a receipt from every game (and presumably for each IAP option too) in order to work completely.
That's why the focus of the exploit has been on the games Borodin demonstrates himself 'hacking', notably Temple Run and CSR Racing - the latter's monetisation methods apparently being the cause of the hacker's frustration.
If so, it means he works fast as the game only came out two weeks ago.
A new stable door
As for ways of combating the hack, Apple will obviously be looking at changing its authentication process - perhaps involving a time-based process or shared secret key which isn't contained in the receipt.
Yet making the process more complex would mean all such apps need to be updated and could cause privacy issues as well as creating more failed transactions.
Similarly, publishers and developers can use their own authentication servers, although that's an added complication few but the largest outfits would be keen on undertaking.
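The mitigations floated above (a shared secret kept out of the receipt, a time limit, and a developer-run validation server) can be sketched as follows. This is an added example, not code from Apple or the original article; the receipt fields, `sign_receipt`, `ReceiptValidator` and the five-minute window are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import time

# Constructed demo value. The secret lives on the store and the developer's
# server only; it is never placed in the receipt or shipped inside the app.
SHARED_SECRET = b"constructed-demo-secret"
MAX_AGE_SECONDS = 300  # assumed freshness window
FIELDS = ("product_id", "transaction_id", "device_id", "issued_at")


def _tag(values):
    # JSON list encoding keeps field boundaries unambiguous before MACing.
    msg = json.dumps(list(values)).encode()
    return hmac.new(SHARED_SECRET, msg, hashlib.sha256).hexdigest()


def sign_receipt(product_id, transaction_id, device_id, issued_at):
    """Store side: bind the purchase to one device and one point in time."""
    values = (product_id, transaction_id, device_id, issued_at)
    return {**dict(zip(FIELDS, values)), "tag": _tag(values)}


class ReceiptValidator:
    """Developer server side: decide whether to unlock the purchase."""

    def __init__(self):
        self.redeemed = set()  # transaction ids already honoured

    def validate(self, receipt, requesting_device, now=None):
        now = time.time() if now is None else now
        try:
            expected = _tag(receipt[k] for k in FIELDS)
            age = now - float(receipt["issued_at"])
        except (KeyError, TypeError, ValueError):
            return "rejected: malformed receipt"
        supplied = str(receipt.get("tag", ""))
        if not hmac.compare_digest(expected.encode(), supplied.encode()):
            return "rejected: bad tag"
        if receipt["device_id"] != requesting_device:
            return "rejected: issued to another device"
        if age < 0 or age > MAX_AGE_SECONDS:
            return "rejected: outside freshness window"
        if receipt["transaction_id"] in self.redeemed:
            return "rejected: transaction already redeemed"
        self.redeemed.add(receipt["transaction_id"])
        return "accepted"
```

A receipt that is merely copied to another device, relabelled, or presented a second time fails one of the four checks, which is the property the receipts described in the article lack.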
So while engineers are considering their options, it seems the entire iOS ecosystem has been completely exploited, even if few people will be foolish enough to actually use the hack.
No doubt, the midnight oil will be burning in Cupertino over the weekend.
[source: The Next Web]
Contributing Editor
A Pocket Gamer co-founder, Jon is Contributing Editor at PG.biz which means he acts like a slightly confused uncle who's forgotten where he's left his glasses. As well as letters and cameras, he likes imaginary numbers and legumes.