Many hacking stories start with the word Russian and the latest exploit against iTunes is no exception.
In this case, Russian hacker Alexey V. Borodin (aka ZonD80) seems to have worked out a way of getting around the authentication process for in-app purchases in all content running on iOS devices.
Untrusted vendor
He says more than 30,000 IAP transactions have been completed without any cash being paid, and the process doesn't involve jailbreaking.
Instead, you install a couple of certificates and give Borodin's proxy server your iTunes username and password - hardly recommended.
He's been buying IAPs from various iOS games, uploading the digital receipts received from iTunes onto the proxy server.
Because iTunes' IAP receipts use a fairly open encryption approach - due to privacy and support concerns - these can then be sent out to any iOS device once an IAP request is made, fooling the game or app into thinking an official authenticated payment has been made.
Brute force database
Of course, one limitation of this approach is that it requires a receipt from every game (and presumably for each IAP option too) in order to work completely.
That's why the focus of the exploit has been on the games Borodin demonstrates himself 'hacking', notably Temple Run and CSR Racing - the latter's monetisation methods apparently being the cause of the hacker's frustration.
If so, it means he works fast as the game only came out two weeks ago.
A new stable door
As for ways of combating the hack, Apple will obviously be looking at changing its authentication process - perhaps involving a time-based process or shared secret key which isn't contained in the receipt.
Yet making the process more complex would mean all such apps need to be updated, and could cause privacy issues as well as creating more failed transactions.
Similarly, publishers and developers can use their own authentication servers, although that's an added complication few but the largest outfits would be keen on undertaking.
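A sketch of the developer-run validation server mentioned above, as an added example that is not from the original article or from Apple. It assumes an HMAC stands in for the store's receipt signature; the field names, key, account names and 300-second window are all hypothetical. It shows that a genuine receipt replayed to a second account still passes the signature check, and is only caught once the server binds each transaction ID to the first account that redeems it.

```python
import hashlib
import hmac
import json

STORE_KEY = b"constructed-store-key"  # stand-in for the store's signing key (assumption)
MAX_AGE_SECONDS = 300                 # assumed freshness window for first redemption


def sign(receipt):
    """HMAC over the receipt body; stands in for the store's real signature."""
    body = json.dumps(receipt, sort_keys=True).encode()
    return hmac.new(STORE_KEY, body, hashlib.sha256).hexdigest()


class ReceiptValidator:
    """Hypothetical developer-run server that decides whether to unlock content."""

    def __init__(self):
        self.redeemed = {}  # transaction_id -> account that first redeemed it

    def validate(self, receipt, signature, account, expected_product, now):
        if not hmac.compare_digest(sign(receipt), signature):
            return "rejected: bad signature"
        if receipt["product_id"] != expected_product:
            return "rejected: wrong product"
        owner = self.redeemed.get(receipt["transaction_id"])
        if owner is None:
            # First sighting: time-based check, then bind the transaction to this account.
            if now - receipt["purchased_at"] > MAX_AGE_SECONDS:
                return "rejected: stale receipt"
            self.redeemed[receipt["transaction_id"]] = account
            return "accepted"
        if owner != account:
            # Signature is valid, but the receipt is being replayed by someone else.
            return "rejected: replayed receipt"
        return "accepted"  # same account restoring its own purchase


def demo():
    now = 1_342_000_000  # constructed timestamp
    receipt = {"transaction_id": "TX-0001", "product_id": "coins_pack_1",
               "purchased_at": now - 10}  # constructed sample receipt
    sig = sign(receipt)
    server = ReceiptValidator()
    return [
        server.validate(receipt, sig, "alice", "coins_pack_1", now),      # real buyer
        server.validate(receipt, sig, "bob", "coins_pack_1", now + 5),    # replay
        server.validate(receipt, sig, "alice", "coins_pack_1", now + 9),  # restore
    ]
```

Calling `demo()` returns the three verdicts in order; the replayed receipt is refused even though its signature verifies.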
So while engineers are considering their options, it seems the entire iOS ecosystem has been completely exploited, even if few people will be foolish enough to actually use the hack.
No doubt, the midnight oil will be burning in Cupertino over the weekend.
[source: The Next Web]
Contributing Editor
A Pocket Gamer co-founder, Jon is Contributing Editor at PG.biz which means he acts like a slightly confused uncle who's forgotten where he's left his glasses. As well as letters and cameras, he likes imaginary numbers and legumes.