ZonD80, a Russian developer, has learned a technique to obtain in-app content free of charge.
ZonD80 controls In-AppStore.com, and according to a report by 9to5Mac, which obtained the news from a Russian blog, i-ekb.ru, the hack can be accomplished in as easy as three steps, including the installation of CA and in-appstore.com certificates plus changing the DNS record in Wi-Fi settings, and does not need an expert to gain free access. Devices with an iOS 3.0 version and higher can avail of this service.
Users will notice an unusual pop-up message rather than the usual password and confirmation request from Apple when trying to make in-app purchases. A window located on top of the page will pop up and ask, “Like in-appstore.com?” A “LIKE” option will then appear in two languages: English on the right and Russian on the left. This will lead you to the in-app content free of charge. For more, see the video below.
9to5Mac clarified that its aim of spreading the hack is chiefly to aid developers in the protection of their products. It is not just for any random reader with intentions of exploiting an Apple program, allowing developers to verify in-app purchase receipts, which does not work, according to comments from 9to5Mac. When asked to comment regarding the issue, Apple did not immediately respond.
It was in October 2009 when Apple launched its in-app purchases through its App Store. However, concerns of children and other users reportedly making unwanted in-app purchases on users’ accounts during the past year urged the firm to include a password requirement for in-app purchases with iOS 4.3.