Apple has said it's "investigating" a new hack that allows iPhone users to obtain in-app purchases for free.
The hack involves a few configuration changes and the installation of some fake certification files on the device that fools its apps into thinking they're communicating with Apple when they're actually connected to a hoax server.
Russian hacker Alexey V. Borodin launched said hoax server last week, which lets users unlock paid in-app content without the associated charges ever being made to their iTunes account.
According to reports, Apple may have already tried to bring down the bogus server as two IP address previously used by it have been blocked. But it's not stopping there.
Apple has issued a statement in response to the hack: "The security of the App Store is incredibly important to us and the developer community. We take reports of fraudulent activity very seriously and we are investigating," said Apple representative Natalie Harrison.
As Ars Technica notes, however, using this system sends your Apple ID, password and possibly additional data, usually only sent to Apple, to a server operated by a hacker who has unrestricted access to all its data. You have been warned.
It's also bad to pirate software, M'kay...
No comments:
Post a Comment