Apple fights back at in-app freebie exploit
Apple is not too pleased with Russian hacker Alexey V. Borodin, and a hack he developed that allows iDevice owners to install in-app goods without paying for them.
According to The Next Web, Apple over the weekend blocked the IP addresses of the server Borodin used to facilitate the hack. In addition, the company issued a takedown request to his server’s hosting provider. Apple even requested that the video Borodin posted showing his technique in action be removed from YouTube due to a copyright violation.
Borodin last week surfaced with an exploit that re-routes in-app purchase requests away from Apple or a developer’s secured server to one that pretends to come from the iPhone maker. That fake server gives the request the go-ahead to deliver the in-app purchase without having customers pay for a virtual good.