Thank you for helping us by reporting bad content.
Purchases "in-app" are an increasingly popular method for developers who create apps free (to attract users) and then "encouraged" to buy that extra functionality, for a few cents or euros extra.
However, this method is thought to be "bullet proof", is now challenged, using a technique not very complicated as shown by a Russian hacker ... and no need to jailbreak. The method involves installing a certificate, and changing DNS servers.
Thus, the purchasing process is being done via a server "pirate" who seems to validate access to the contents without any payment is made. Obviously, there is a method that we recommend using (if nothing else, think about the possible repercussions that could have so Apple start checking all of these transactions - and possibly you being charged the full value that "spent".)