Chinese Government Accused Of Staging ‘Malicious Attack’ On Apple’s iCloud Service

  • 20 October 2014

Userlevel 6
With the release of the new iPhone in China, and it being such a popular device, it really comes as no surprise that this is being reported. With policies that are focused on censorship and control, the iPhone and iCloud push the boundaries of acceptance within the communist nation's policies.
 


 
Full article: http://techcrunch.com/2014/10/20/chinese-government-accused-of-staging-malicious-attack-on-apples-icloud-service/
Article by Jon Russell (@jonrussell)
 
China’s government is being accused of trying to wiretap Apple customers in the country. Great Fire, a reputed non-profit organization that monitors Internet censorship in China, claimed today that Chinese authorities have laid a trap to snare log-in details for iCloud users via a “malicious attack.”
 
Great Fire said that a ‘man-in-the-middle’ attack has been set up to “gain access to usernames and passwords and consequently all data stored on iCloud such as iMessages, photos, contacts, etc.” Great Fire, which previously reported a similar attack against Google in China, reported that some web browsers may trigger a warning before loading icloud.com, but others — including the popular Qihoo 360 ‘secure’ browser — do not.
 
Any users who click through and log-in to the affected website will need to switch on two-factor security to keep their compromised account secure.
 

4 replies

Userlevel 7
Badge +54
Thank you for posting this Richard. Can nothing be trusted in China? That is the impression we get from there.
Userlevel 6
An update to this story coming from www.itpro.co.uk
 
Article by Rene Millman
Bogus iCloud log-in page fools Chinese Apple users

Probably not looking for nude celebs this time
 
Chinese hackers have launched a man-in-the-middle attack designed to intercept the usernames and passwords of Apple’s iCloud users. 
 
According to reports from anti-censorship organisation Greatfire, the hack coincides with the launch of the Apple iPhone 6 and 6 Plus in the country.
 
The organisation said Chinese users that try to log into iCloud using the IP address 23.59.94.46 will see a fake login site identical to the real Apple iCloud login page. However, alarm bells should ring as the fake site throws up a few security warnings.
 
Users with browsers such as Chrome or Firefox should detect fake security certificates, however many in the country prefer to use home-grown browsers that do not flag these certificates as bogus. Greatfire said Qihoo’s popular Chinese 360 secure browser is “anything but and will load the MITMed page directly.”
 
If users ignore the warnings, their details will get passed onto eavesdroppers, it is claimed.


Read more: http://www.itpro.co.uk/security/23337/bogus-icloud-log-in-page-fools-chinese-apple-users#ixzz3GnPqkj4X
Userlevel 7
Badge +3
By Larry Seltzer for Zero Day | October 21, 2014 -- 16:57 GMT (17:57 BST)
 
The attack against Apple's iCloud in China is a perplexing one. It seems to be designed to be noticed rather than to fool anyone.
The original report, it's worth noting, is by greatfire.org, an activist group "bringing transparency to the great firewall of China." That doesn't make anything they say inaccurate, but perhaps they downplay the considerable mitigating factors against the attack.
The mechanisms in the attack are what makes it both ominous and amateurish. The ominous part comes from the fact that the attackers were able to hijack an IP address (specifically 23.59.94.46) to which icloud.com's DNS pointed, and redirect users to a fake site.
 
   iCloud attack is blunt and obvious | ZDNet
 
   
Userlevel 7
Badge +54
Posted by Darrell Etherington
 
http://tctechcrunch2011.files.wordpress.com/2014/10/icloud-safari-verified.png?w=1049
Apple has released an updated iCloud security support document with instructions on how to avoid man-in-the-middle type attacks like those affecting customers in China reported over the past couple of days. The support site says that Apple is “deeply committed to protecting [its] customers’ privacy and security,” and that it is “aware of intermittent organized network attacks” but doesn’t specify the most recent incident in particular, nor does it mention China at all.
It does provide tips about how to ensure you’re connected to iCloud proper, and not a redirected spoof site designed to lure you into revealing your credentials. In Safari, that means validating the certificate via the green address bar title and the message revealed when you click the lock icon, and in Chrome that means check the green lock icon next to the address owner name to verify that it is indeed Apple. Apple also details the errors you’ll see if there isn’t a secure connection possible.
 
Full Article
