Obviously, Apple isn't pleased with the crazy-easy way to get free in-app purchases in iOS. It's doing its best to shut down Russian hacker Alexy Borodin's scheme, but right now, it's just chasing shadows.
So far, Apple has issued a takedown request of the original server, had the YouTube instruction video pulled, and had PayPal remove the donation account Borodin had set up. But Borodin has moved his servers offshore, and improved the hack to not use Apple's servers, as you can see in the flow chart above.
Here's what Apple told The Loop:
"The security of the App Store is incredibly important to us and the developer community," Apple representative Natalie Harrison said. "We take reports of fraudulent activity very seriously and we are investigating."
You can follow the ongoing back and forth at the Borodin's site, In-Appstore. He raised a little money to keep hosting running for a month, and he seems committed to keeping the whack-a-hack with Apple going as long as he can sustain it. [In-Appstore via TNW via MacRumors, The Loop]