Russian hacker cracks iOS in-app purchasing, no jailbreak required

The iOS in-app purchasing mechanism, which lets you buy digital items in games, upgrade to full versions of apps and purchase additional content, has been cracked by a savvy Russian hacker who posted a proof-of-concept video, embedded below.

First noticed by Russian blog (via 9to5Mac), the hack is credited to Russian developer ZonD80 who runs the conveniently named website where he collects donations to support development of the project.

What’s special about this method – and potentially devastating to the development community – is that it doesn’t require a jailbreak and can be completed in a few simple steps by even the most inexperienced users.

UPDATE: Contrary to reports that Apple took the proxy site down, the developer confirms it’s simply under high load and says the info site is being moved to Blogger.

This is Apple’s worst nightmare come true because, once installed, the crack basically lets anyone obtain in-app content free of charge, in most apps. The method is independent of the iOS version and works on all devices running iOS 3.x to 6.x.

Here’s a clip of the in-app proxy in action.


The published instructions are fairly simple and call for the installation of two certificates (CA and and changing a device’s DNS record in the WiFi section of Settings. This lets your device contact the Russian server to circumvent the built-in protection, producing this confirmation dialogue.

Not all apps or regions are affected, but it would appear at first glance that the hack circumvents a large enough portion of third-party apps that support in-app purchasing to be called a major issue for Apple and its developers.

The official in-app purchasing method with server product delivery.

We at iDB do not condone piracy and feel strongly against stealing other people’s work. Hopefully, Apple will take notice and take down the Russian site because this is just way too damaging to developers who should always be entitled to get paid for their hard work.

Do you think Apple should go after this guy immediately?