Hackers have reportedly begun targeting iCloud users in mainland China, utilizing a so-called "man-in-the-middle" approach in an attempt to steal user information, with one group accusing the Chinese government itself of perpetrating the attack.
The attacks were first revealed by Chinese activist group GreatFire.org, which said the latest efforts resemble previous attacks on Google, Yahoo, and Microsoft Hotmail. The organization has alleged that China's government is involved in the attacks, according to Reuters.
The attackers are said to have incredibly deep access to the servers of Chinese Internet providers, leading to speculation that the government-owned companies are cooperating in the attack. Security researchers say that GreatFire.org's claims appear to be accurate, though the Chinese government has denied the accusations.
The attacks first came to light when users in China began to receive security warnings from Apple's iCloud service. That led Chinese Internet activist Zhou Shuguang to investigate.
According to The Wall Street Journal, Zhou found that a so-called "man-in-the-middle" attack had been implemented between iCloud users and the server where data is hosted. His findings were also corroborated by security analyst Erik Hjelmvik of Netresec AB, who called the attack "quite massive" and "sophisticated."
Analysts who spoke with the Journal alleged that Chinese iCloud users' data stored in the cloud, including usernames and passwords, could be at risk if the attackers can decrypt the communication between users and iCloud servers in China. However, there was no immediate evidence that the hackers have been able to decrypt the data.
And while GreatFire.org has accused the Chinese government of being involved, some critics say the fact that users are alerted by security warnings suggests the attack is too easily detected for the government to have played a part.
34 Comments
[quote name="AppleInsider" url="/t/182962/hackers-targeting-apple-icloud-users-in-mainland-china-with-massive-attack#post_2624323"] And while GreatFire.org has accused the Chinese government of being involved, some critics say the fact that users are alerted of security warnings suggests the attack is too easily detected for the government to have played a part.[/quote]
If the Chinese user depends on Google Chrome or Firefox then they get a pop-up warning of a spoofed site AND default blocking. If instead they use one of China's most popular browsers, Qihoo, there's nothing to indicate you aren't going to a legitimate Apple site according to the source. Many, many thousands (millions?) of users may well be fooled into giving up their sign-in credentials.
And you thought the NSA was bad.
This is old news AI: http://9to5mac%2ecom/2014/10/20/chinese-government-apparently-phishing-icloud-account-info/ And Apple, please fix this Copy Paste bug
@sog35 you're right. The USA should offer US citizenship to every Chinese who asks. I mean, they never asked to live in a communist country, right? Also... I thought I read something about you leaving the Internet forever and going to be a monk in Thailand if no Apple TV Media Center 2014 Supreme Edition last week?