China could be behind a new Apple iCloud cyberattack
Chinese authorities allegedly are using a man-in-the-middle attack to get Apple ID information from Chinese users. The attack was first highlighted by Web censorship blog Great Fire (via The Verge).
According to the report, Chinese visitors to the iCloud website are now being redirected to a fake site that resembles the real thing. A similar attack is targeting Microsoft’s login.live.com website.
They note:
This is clearly a malicious attack on Apple in an effort to gain access to usernames and passwords and consequently all data stored on iCloud such as iMessages, photos, contacts, etc. Unlike the recent attack on Google, this attack is nationwide and coincides with the launch today in China of the newest iPhone. While the attacks on Google and Yahoo enabled the authorities to snoop on what information Chinese were accessing on those two platforms, the Apple attack is different. If users ignored the security warning and clicked through to the Apple site and entered their username and password, this information has now been compromised by the Chinese authorities.
Great Fire says that users should access the Web through a trusted browser such as Firefox or Chrome, which will warn users before they access an illegitimate site. They also note that a VPN can be used to bypass this redirection. Two-factor authentication may also prevent attackers from accessing an iCloud account using a compromised username and password.
