A new report has highlighted the efforts of a hacker who has managed to find a relatively straightforward way to circumvent the iOS in-app purchasing system, without jailbreaking an iOS device (via 9to5Mac). Apparently, the Russian hacker called ZonD80, found that by installing a couple of new security certificates as well as changing DNS settings for a Wi-Fi connection, any in-app purchases could be made without going through Apple’s service. The trick is, that the in-app purchase goes through servers maintained by the hacker himself. This then enables the person who is using the hack to get in-app content that would normally be paid for free-of-charge.
However, aside from the criminal activity that would be undertaken by illegally obtaining content that is normally paid for, users would also be required to submit personal information through the hacker’s servers. The hack does appear to work on thousands of apps utilizing in-app purchasing through iOS, but is obviously unlawful, unethical and risky.