Sydney: Australian app developers have expressed concerns over a Russian programmer’s hack, allowing Apple users to steal paid app content, which has posed threat on the revenue generated by ‘in-app purchases’.
The developers claim that the exploit is concerning and could limit the ability of app makers to earn money from their apps.
Earlier, a Russian hacker, Alexey Borodin, reportedly discovered a method to steal content from iOS apps by making in-app purchases without actually paying any money.
In a video, posted by Borodin on YouTube, he outlined how users could avoid paying for in-app purchases without even having to gain root access to the system, and all they needed to do was install two security certificates and change the DNS settings on their device.
Although Apple recently released iOS 6 beta 3 to developers, the patch was unsuccessful in blocking Borodin''s exploit.
Australian app developer Mathew Peterson reportedly warned users not to install the hack.
“As you are using a third-party DNS server there's potential for private information, such as banking details, to be intercepted and stolen. This Russian guy doesn't seem the most scrupulous fellow so far,” Sydney Morning Herald quoted Peterson, as saying.
The exploit doesn't work with all apps, but many popular ones such as Temple Run, the report said.
Robert Kawalsky, the Australian founder of the Tonight! app, which doesn't use in-app purchasing, said that many developers relied on the ‘in-app purchases’ to make their apps financially viable and they relied on Apple for security and payment processing.
"This bug is certainly a concern for the developer community," he said.
First Published: Tuesday, July 17, 2012, 18:04