Got a tip for us? Share it...

New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Apple Fighting Back Against In App Purchase Hack, But Service Still Operational

Late last week, we reported on the launch of a new method to allow App Store users to bypass Apple's In App Purchase mechanism and receive additional content free of charge. At the time, we noted that use of the method involved theft of content from developers and exposed iOS device users to dangers as their account and device information was being routed to servers under the control of the Russian hacker running the service, but we felt that reporting on the issue to bring it to light was the responsible thing to do in order to alert developers to the issue and perhaps spur Apple into action.

The Next Web now follows up with a report outlining some of the steps Apple has been taking to combat the issue, including issuing a copyright claim to have the original video showing the hack in action pulled from YouTube.
Over the weekend, Apple began blocking the IP address of the server used by Russian hacker Alexey V. Borodin to authenticate purchases.

It followed this up with a takedown request on the original server, taking down third-party authentication with it, also issuing a copyright claim on the overview video Borodin used to document the circumvention method. PayPal also got involved, placing a block on the original donation account for violating its terms of service.
The hacker, Alexey Borodin, remains committed to the service and has been working to skirt around the roadblocks being thrown up by Apple, in part by moving the service to a server in another country, but it is clear that Apple is working on the issue and addressing it through multiple routes in order to improve the security of In App Purchase content. For now, however, the service remains operational.

Top Rated Comments

(View all)

27 months ago

Leave it to Apple to take away someone's fun.... :rolleyes:


Leave it to hackers to steal from people who worked hard on their products :rolleyes:
Rating: 21 Votes
27 months ago
Ripping off the devs....putz!:mad:
Rating: 18 Votes
27 months ago

Leave it to Apple to take away someone's fun.... :rolleyes:


You realise this isn't 'someone's fun' - it's theft, that affects developers income.
Rating: 18 Votes
27 months ago
Leave it to Apple to take away someone's fun.... :rolleyes:
Rating: 14 Votes
27 months ago
am I the only one who feels like news/rumors sites shouldn't be posting about this... This is only drawing attention to it and tempting more people to steal from these hard working developers.
Rating: 14 Votes
27 months ago
I feel sorry for Alexey Borodin. He has no moral centre.
Rating: 14 Votes
27 months ago

Any person with a jailbreak can get this same thing, without having to send your info through a rogue server. If you're non jailbroken and attempt this, you deserve any penalty that could be handed out. I know devs have a way of checking if you have legitimately purchased their app, same thing can apply. Or do like that FPS game did for PS3, pirates get an unkillable mob that just rages until you're dead.


If you ARE jailbroken and attempt this, you still deserve punishment. Stealing from developers’ hard work is what gives jailbreaking a bad name.
Rating: 9 Votes
27 months ago
From the article:

Borodin also notes that Apple has not contacted him over the issue.

Of course Apple would not contact _him_. They would be contacting the police where he lives.
Rating: 7 Votes
27 months ago

You mean like how people have been stealing from the app store for the past 4 years? :rolleyes:

It's like posting "The combination to the vault at your local bank is 32-16-50, but we recommend that you don't use this information. You could get caught"

Sure it's possible to rob a bank without the combination and its possible that you could get caught, but it's only encouraging a large audience of people to go rob that bank now.


If the thought of giving someone the credentials to your iTunes account (and all the power that entails) in order to save a buck doesn't deter you from pirating (again, over chump change), then you deserve all the ID theft coming your way.

Honestly, you're using an at least $200 device (iPod touch) in order to steal relatively pennies' worth of goods. Yay.
Rating: 7 Votes
27 months ago

Plus I feel some of these in-app purchases are way too expensive, If I pay for the app the most expensive in-app purchase should be 10 bucks. 99$ dollars for some in app money is ridiculous for that much one should get infinite money.


This is irrelevant. Just because you think something is too expensive, it doesn't give you the right to steal it. If you went to a store and the video game you wanted was too expensive, would you steal it? It's the same thing, only since apps are digital files people seem to think they can do whatever they want to get them. People try to justify it by saying that the developers are charging too much. That argument doesn't hold up.
Rating: 5 Votes

[ Read All Comments ]