Mac App Store Free In-App Purchases: the Fiesta Goes On
Mac App Store free in-app purchases are now available because 21-year old Russian Alexei Borodin modified mechanism of free in-app content downloads for iOS and now you can take advantage of it as the owner of a Mac. Since the system of purchases within the program is only available in the latest version of the currently Mac OS, this hack only works on OS X Lion 10.7 and above.
“In-AppStore for OS X” service uses almost the same method used for App Store. The user will also need to install a fake certificate and change the DNS record. The only difference is the need to run additional utilities Grim Receiper, designed to hold the check for the content purchase. Then you can go to any program, and make a purchase without paying. Detailed instructions hacker posted on his site.
When buying in-game content the application sends a request to the online App Store, the store generates a check and sends it to the developer’s server for approval. After confirming the data is returned to the App Store, which approves the purchase and download of in-game goods. As found out Borodin, the data exchanged between the servers and the developers of App Store application are transmitted in the clear and unsecured form and can be forged. His hack replaces the receipts issuance server.
To get a check such data is passed to App Store servers (also unprotected):
- user ID
- name and version of the program
- the level of application access rights
- device ID
- the number and the name of the purchased content
- the user language.
Experts warn, that if before all this information went to the Apple store, now all this data is written to the Borodin’s server.
Of course, the method of getting the content described by hacker is illegal and contrary to the rules of the App Store and the Mac App Store. However, according to Alexei, to date, users have made almost 8.5 million acts of free shopping.
According to security experts, Apple needed to protect data in the system from Mac App Store free in-app purchases with more resistant cryptographic algorithms. In addition to increase safety Apple could make some changes to close configuration access.
The first steps to close the vulnerability by Apple were not very effective. However, the engineers in Cupertino strenuously sought to eliminate loopholes and seems to have found those. In the final version of iOS 6 company promises to solve the problem and to block the possibility of buying free in-app content. Apple has not yet commented the fact of hacking the system of Mac App Store in-app purchases.