Apple is Getting HACKED!

A Russian software developer called ZonD80 has found a way to circumvent Apple’s (NASDAQ:AAPL) iOS in-app purchases system, allowing users to download anything within a mobile app for free. First noticed by Russian blog i-ekb.ru, the “in-app proxy” method does not require a device jailbreak and can be completed in just three steps using a standard iOS device. The hack uses a proxy system to send purchase requests to third-party servers, where they are validated and sent back to the application as if the transaction had gone through.

Don’t Miss: Are Apple’s MacBook Pro Shipping Delays FINALLY Improving?

All a user needs to do is install a CA certificate, install a second certificate from the hacker’s website in-appstore.com, and then change their device’s DNS record. After the process, users are presented with an acceptance message different from Apple’s usual confirmation dialog when making in-app purchases. It works on all devices running iOS 3.0 to 6.0.

The loophole even covers other types of content, including Newsstand, Apple’s digital service that lets users buy newspaper magazine subscriptions and individual issues.

The hack will hurt third-party developers as well as Apple. The iPhone maker introduced in-app purchasing in 2009 as an added revenue stream for developers and to simplify the process of publishing apps. Just like app purchases, digital items purchased from within apps carry a revenue split that gives developers 70 percent of the proceeds while Apple keeps the other 30 percent.

Don’t Miss: Apple: Crossing Borders and Breaking Sanctions.