Things weren’t going to well for Apple and their App Store which was recently hacked by a Russian hacker (Alexei Borodin) who made it possible for the general public to make in-app purchases on App store apps without paying for them.
It worked as well and a number of apps were purchased until Apple moved in and stopped this outrage.
It seems like Alexei Borodin is not going to leave Apple alone, and he has done it again, this time however he has targeted the ‘In-Appstore for OS X’ allowing Mac users to make in-app purchases for free. The method he has used is quite similar to what he did with the iOS App store by using a proxy server to intercept purchase requests.
 |
| Install in-appstore certificate mac |
All users have to do is that they have to install two local certificates, point to their computers DNS settings in Borodin’s server, install an App called ‘Grim Receiper’ and then Borodin’s server acts as the Mac App store and completes the purchase. This method works without flaw and you may be shocked to know that around 8,460,017 paid apps have been downloaded for free. That’s quite a number and you can figure out just how much loss the Mac App Store must have faced.
 |
| Free in-app purchases for Mac Applications |
Apple again needs to do something about this and come up with a temporary fix. With the iOS App store they introduced the method of verifying receipts by using two private APIs. Although the Mac Store works in a similar manner and the fix should not take much long to be implemented.
 |
| In App purchases Mac apps |
A hack of this magnitude is very destructive for the overall players in the market, and the developers are the one who get to bear the brunt of it, after all their countless hours of coding and debugging goes to waste in a matter of seconds when they fail to get paid for their hard work.
The new OS X 10.8 Mac Lion is also scheduled to be released around this time, let’s see how Apple comes out of this mess. Feel free to give your views on this issue.
