Apple will fix the problems with the in-app purchase system in iOS 6

Over the past week, the hack for the in-app purchase system of App Store applications has become very popular, with tens or maybe even hundreds of thousands of people interested in finding out how to use it. Because it became so popular, Apple was forced to block it. For now Apple offers developers a temporary method of improving the security of their applications, with the problem to be completely solved in iOS 6. The temporary solution proposed by Apple can be found on this page and in theory should not be exploitable by hackers, but it remains to be seen whether that holds.

A vulnerability has been discovered in iOS 5.1 and earlier related to validating in-app purchase receipts by connecting to the App Store server directly from an iOS device. An attacker can alter the DNS table to redirect these requests to a server controlled by the attacker. Using a certificate authority controlled by the attacker and installed on the device by the user, the attacker can issue an SSL certificate that fraudulently identifies the attacker's server as an App Store server. When this fraudulent server is asked to validate an invalid receipt, it responds as if the receipt were valid.

iOS 6 will address this vulnerability. If your app follows the best practices described below then it is not affected by this attack.

In a statement given to CNET, an Apple spokesperson claims that the whole issue will be completely resolved by Apple in iOS 6 and that developers should not worry. Until then, users enjoy freebies, and developers lose non-negligible amounts of money.

"We recommend developers follow best practices at developer.apple.com to help ensure they are not vulnerable to fraudulent In-App purchases," Apple spokesperson Tom Neumayr told CNET. "This will also be addressed with iOS 6."