New exploit could cost developers thousands in lost revenue
A hacker has created a new exploit on iOS devices to allow users to make in-app purchases for free.
As reported by MacWorld, the exploit, first posted last Wednesday, has since been publicised on various websites, causing the server that enables the exploit to work crash.
The hack tricks the App Store into believing users have accessed it, when in actual fact the consumer has entered into a fake App Store instead allowing them to purchase virtual items for free.
The exploit could cost many developers thousands in potential revenue, with many titles using the free-to-play model to monetise their customers after the initial download and relying on in-app purchases to generate money.
The creator of the hack, Alexey V. Borodin, said he had created the exploit because it was his “hobby”.
Advertisement
Apple spokeswoman Natalie Harrison responded to the exploit and stated: “The security of the App Store is incredibly important to us and the developer community. We take reports of fraudulent activity very seriously, and we are investigating."
An obviously intelligent guy spends his time working out how to cheat developers out of their livelihood. Well done, prick.
Yeah, I doubt any "hacker" would do their day job for free...unless they live with their mum and don't have to pay any bills.
This guy obviously helped out apple and all devs by pointing out the exploit. Otherwise he couldve kept it underground and developers would keep being cheated out of their 'livelihood'.
If anything he did apple a favour.
Alternatively, he could have told Apple of the exploit on the QT, like a responsible adult, and Apple could have quietly fixed the loophole.
Instead, he published the exploit for all to see, and allowed a bunch of thieves to cheat developers out of their livelihood. As Bob said in post #1: "Well done, prick".
Who knows, this guy could have been paid off to damage the free to play model and some how validate the continual use of the dreaded DRM's.
F2P = best thing to hapen to gaming since muliplayer
DRM = worst thing for gaming "EVER"
Michael Pachter believes that if you can find a way to get access to DLC that's on a disc you purchased then that's not illegal. I'm not sure on his legal credentials but if that is the case then this guy isn't breaking the law because he's not actually giving you content. He's just letting you unlock content that you've already paid for.
I hate Free 2 Play. I truly believe it is killing the industry so I won't be sorry to the back of it and this will play it's part in that. What I will be sorry to see though, is a ton of businesses that can't get up and running because either they rely on F2P for their income or their business plan was banking on the F2P model.
This is not quite true. When you make an in-app purchase on the real app store you get a receipt. You can then contact your own server which can validate that a receipt was issued for that in-app purchase. If a developer was lazy and didn't implement the receipt check, then this hack would work. Otherwise, it wouldn't because there would be no valid receipt and the purchase could be detected as obtained through a hack.
