
Are you Handing your Money over to a Hacker?


Apple application developers earn 70 percent of an In-App purchase, but that money may be slipping through their fingers. A hacker has concocted a way to circumvent paying for purchases made from iOS applications on the iPhone, iPad, and iPod touch in order to gain Apple’s attention. The culprit is Alexey Borodin, a Russian developer turned hacker who went by ZonD.

What is Borodin’s goal? Showing Apple how clever he is, apparently. According to, Alexey explains: "I’m a happy user of iPhone 4S. I think they will hire me." Da ya think??

And so began a cat and mouse game between Apple and Borodin. He constructed a website explaining how the circumvention is done and wants visitors to donate money to learn how to get In-App Purchase items for free. His instructions tell the user to install two security certificates and change the domain name system (DNS) record of the mobile device in its Wi-Fi settings. After downloading their so-called purchase (we call it theft), the instructions say to restore the DNS record to its original setting. Such a hassle to bypass spending .99 cents.

He has contrived a way to re-route and approve In-App purchase requests, bypassing the legitimate path. Additionally, your credentials are being routed back to Borodin’s server. Borodin responded to Apple’s moves to thwart him by moving that server from its original location in Russia to another country altogether. He also dropped PayPal in favor of BitCoin to garner donations for his malicious activities.

Apple spokeswoman Natalie Harrison said: "The security of the app store is incredibly important to us and the developer community. We take reports of fraudulent activity very seriously…" So the game continues.