Apple is apparently blocking the IP address of the server hosting In-Appstore.com, a tool that let users make in-app purchases without paying, but the exploit is far from fixed. Creator Alexey V. Borodin says that although his system is still working, he’s had to make changes to get around Apple’s block. The company has also ordered YouTube to take down the original video explaining it. The Next Web reports that despite this, Borodin says he’s processed 30,000 individual “purchases” and has moved his server to a country that’s not likely to respond to requests from Apple.
Apple reportedly working to block in-app purchase exploit as creator responds
Apple has reportedly started blocking the IP address associated with a tool that lets users make in-app purchases without paying, but the developer has changed servers to keep the hack functional.
Apple has reportedly started blocking the IP address associated with a tool that lets users make in-app purchases without paying, but the developer has changed servers to keep the hack functional.
is a senior tech and policy editor focused on online platforms and free expression. Adi has covered virtual and augmented reality, the history of computing, and more for The Verge since 2011.
Borodin isn't the first to put out a tool that makes in-app purchases free, but he's been one of the most public. He says that Apple has not contacted him directly about the exploit and that users "should be pleased that I simplified your life." He's started forcing users to log out before using the system "so they don’t scream to the Internet that I am stealing their credentials," though that doesn't rule out the possibility of gathering some information. While not all apps are vulnerable, developers should be aware that right now, it's not all that difficult for users to find out how to use this exploit.
Follow topics and authors from this story to see more like this in your personalized homepage feed and to receive email updates.
