iOS 6 Have A Fix To In App Purchase Hack

Apple has announced on its development center that the iOS 6 will have a fix to the vulnerability that is used by Russian hacker ZonD80 for hacking the in app purchases.

A vulnerability has been discovered in iOS 5.1 and earlier related to validating in-app purchase receipts by connecting to the App Store server directly from an iOS device. An attacker can alter the DNS table to redirect these requests to a server controlled by the attacker. Using a certificate authority controlled by the attacker and installed on the device by the user, the attacker can issue a SSL certificate that fraudulently identifies the attacker’s server as an App Store server. When this fraudulent server is asked to validate an invalid receipt, it responds as if the receipt were valid.

iOS 6 will address this vulnerability. If your app follows the best practices described below then it is not affected by this attack.

If you are not aware of in app purchase crack, it is done by a Russian hacker and has caused millions of dollars loss in terms of in app purchases. Apple has taken every possible steps in order to block sites and videos giving information on in app purchase crack. Despite these steps the hacker has managed to survive his site by changing to different servers and still promising for continuity of the service.

You can visit official page on In-App Purchase Receipt Validation on iOS for more details. Here Apple has also given steps for developers in order to circumvent the in app purchase crack vulnerability.

发表评论

电子邮件地址不会被公开。 必填项已用*标注