Apple is investigating yet another security breach in its iTunes app store . A Russian hacker worked out a way that allows people to bypass payment in the App Store and download products for free.
The hacker, dubbed ZonD80, posted a video of the crack on YouTube (Deleted by Youtube now) and claims that the technique makes it possible to beat Apple’s payment systems by installing a couple of certificates and assigning a specific IP address to the device.
The new service, which has already been subject to attempts at shutting it down, requires no jailbreaking and only minimal configuration changes. It works by funneling purchase requests through a server operated by the hacker, rather than the legitimate one offered by Apple. As a result, charges that normally would be applied to a user’s account are bypassed.
Below are the steps to the hack:
Install two certificates: CA and in-appstore.com.
View original post 118 more words