We’ve reported last week about the Russian hack that allowed users to make in-app purchases without actually paying a dime. Apparently Apple fixed the issue and today the company has released a document that teaches developers how to forfeit the in-app abuse.
Basically the document is Apple’s way of allowing developers to use private APIs so that a permanent fix can be obtained.
“Please note: This hack is essentially stealing. Developers who've worked hard on app content that you want to use or play with deserve to be paid for it, and gaining access to that content illegitimately is wrong.”
As mentioned above the hack is not working in iOS 6 at all, courtesy of new improved and updated APIs. So when the new operating system will be debuted in a couple of months, such hacks will constitute issues of the past. Apple spokesperson Tom Neumayr assured users that this will be the case:
“We recommend developers follow best practices at developer.apple.com to help ensure they are not vulnerable to fraudulent In-App purchases. This will also be addressed with iOS 6.”
The problem is that the hack is still working in the current version of the operating system, but the developers are working to solve the issue as soon as they can.
In the mean time, Apple advises buyers to be careful when validating receipts and be on the constant look out for suspicious things when logging in to the App Store.
Source: In-app purchase hack won't work in iOS 6, say coders | TUAW - The Unofficial Apple Weblog