Russian Hacker Finds Loophole to Get In-App Purchases for Free

A Russian hacker going by the handle "ZonD80" has figured out how to cheat Apple's App Store without the need to jailbreak or hack an iPad or iPhone.

What You Need to Know:

- By setting up a false domain name server (DNS) and two false security certificates, users can make direct in-app purchases to a ghost Apple App Store.

- Due to server overload, this technique has been failing.

- App developers who want to avoid being hacked should ensure they have set up a method for validating receipts for in-app purchases.

Other sources

Apple is a big company, I am not. If you want to help me to buy really dedicated 4-quad core server with at least 4gbytes of ram – donate to paypal. - ZonD80  
As much as you want those billion Smurfberries for free, we recommend you stay far away from this. - TUAW  
iOS Hack Bypasses In-App Purchases on iPhone and iPad  

9to5Mac is reporting that the hacker has come up with an “in-app proxy” method that allows users on an iPhone, iPad or iPod touch to get in-app purchases for free just by following a few steps.

Russian Hacker Finds Loophole to Get In-App Purchases for Free  

Finding a way to get in-app purchases without having to actually purchase them seems like a harmless bit of fun, especially at the expense of Apple’s self-proclaimed excellent security system. However, it comes at the cost of harming independent developers who rely on in-app purchases to keep their dreams alive. That’s why we’re not going to tell you how Russian developer ZonD80 hacked the system.

Russian hacker circumvents iOS in-app purchases  

First, you're stealing. That's bad enough, but should you need more it's important to note that you'll also be sending a Russian hacker info like the unique ID for your device.

PC World
Apple Scrambles to Patch App Store Hack