Gamasutra: The Art & Business of Making Gamesspacer
View All     RSS
March 24, 2017
arrowPress Releases

If you enjoy reading this site, you might also want to check out these UBM Tech sites:

Apple fixes iOS hack, but now Mac App Store targeted
Apple fixes iOS hack, but now Mac App Store targeted
July 23, 2012 | By Eric Caoili

Apple has issued a temporary fix for the hack that allows users to download premium content in iOS games and applications for free, but the culprit behind the exploit is now turning his attention to the Mac App Store.

Detailed by Russian hacker Alexey Borodin two weeks ago, the vulnerability affects developers that validated in-app purchases by connecting to the App Store server. Apple attempted to block the service that made the hack possible, but Borodin moved it to another server, and has so far processed tens of thousands of illicit downloads.

Apple has offered a fix for affected game makers by publishing a "best practices" guide that outlines how they can patch the vulnerability in their titles using a private API -- one of the few times the company has actually encouraged developers to use a private API.

This fix, though, is a temporary measure that developers will have to implement themselves. Apple says it will not be able to patch this exploit completely until it puts out the next operating system update for its smartphones and tablets, iOS 6, which is expected to release this fall.

Borodin has conceded defeat, at least when it comes to working around security measures for iOS app purchases: "[The] game is over. Currently we have no way to bypass updated APIs. It's good news for everyone; we have updated security in iOS, developers have their air-money."

However, the hacker unveiled a similar exploit on Friday that circumvents in-app purchase fees on the Mac App Store. Apple has not yet addressed that vulnerability, and Borodin implies that he will have more workarounds ready if the company releases a fix.

Related Jobs

Vicarious Visions / Activision
Vicarious Visions / Activision — Albany, New York, United States

Senior Security Engineer
Wargaming | BigWorld
Wargaming | BigWorld — Sydney CBD, New South Wales, Australia

Software Engineer, C++, Game Engine Development
Intel — Santa Clara, California, United States

Research Scientist
Skydance Interactive
Skydance Interactive — Marina Del Rey, California, United States

VFX Artist

Loading Comments

loader image