A Russian hacker who goes by the name ZonD80 has published (using his servers) a way to bypass the actual App Store’s in-app purchasing servers and unlock content without having to pay.
Very clever, but unfortunately, this is illegal.
First, this is stealing. That is bad enough, but should you need more it is important to note that you will also be sending a Russian hacker info like the unique ID for your device. No matter how much you want those billion Smurfberries for free, we advise you to stay far away from this. Hopefully, Apple might patch this quickly.
9to5Mac was the first to report this. Macworld interviewed the hacker and a few developers for response. Many commenters on 9to5 point out developers can (and should) validate receipts, which is how some apps are able to deny would-be thieves. Possibly, now many developers would implement this.