Unsuspecting iTunes users in Russia trying to download foreign (to them) films like Amelie and Blade Runner instead got an eyeful of scantily clad ladies selling everything from salacious toys to erotic encounters.

An unfortunate bug in the launch of iTunes in Russia served up unexpected XXX content for Russian users. The pornographic bug compiled content from porn sites and escort services and displayed it in the “more films in different languages” section of iTunes.

The content came from the xxx.xxx domain, the directory for the .xxx domain, so it should not have posed any sort of security risk.

iPhones.ru thinks the iTunes team may have put some temporary xx.xx.xx placeholder links in the code that didn't actually act as placeholders. Oops.

Lookout Mobile Security's lead iOS developer Jørgen Tjernø thought this was the case as well. He noted it was the responsibility of the iTunes management team, not the developers though, to switch out the placeholder with an actual link when iTunes launched in the country.

"In general, linking to sites you control yourself, to domains you own, is a much better [placeholder] practice to ensure content isn’t shady or ends up being shady," Tjernø told Wired.

We risked the ire of the HR folks when we tried to replicate the issue, but it appears Apple put a quick stop to it.

via 9to5 Mac

Additional reporting by Roberto Baldwin