Chinese officials have reportedly set up a firewall that blocks all connections to iCloud.com and redirects users to a dummy site that looks exactly like Apple’s iCloud login page.
According to Great Fire, Chinese authorities are reportedly using a ‘man-in-the-middle attack’ to gather usernames and passwords from Chinese iCloud users.
This is clearly a malicious attack on Apple in an effort to gain access to usernames and passwords and consequently all data stored on iCloud such as iMessages, photos, contacts, etc. Unlike the recent attack on Google, this attack is nationwide and coincides with the launch today in China of the newest iPhone. While the attacks on Google and Yahoo enabled the authorities to snoop on what information Chinese were accessing on those two platforms, the Apple attack is different. If users ignored the security warning and clicked through to the Apple site and entered their username and password, this information has now been compromised by the Chinese authorities. Many Apple customers use iCloud to store their personal information, including iMessages, photos and contacts. This may also somehow be related again to images and videos of the Hong Kong protests being shared on the mainland.
Since this phishing attempt is taking place at a high level, it is very likely that the Chinese authorities are indeed behind this attack to gather usernames and passwords. A similar attack is also being launched against Microsoft’s login.live.com accounts.
Great Fire advises Chinese users to use a trusted web browser such as Firefox and Chrome, which will warn users of the phishing attempt. Unfortunately, Qihoo, the most popular browser in China, is not warning users of the attack.
The phishing attempt comes just as Apple has recently launched the iPhone 6 and iPhone 6 Plus in the country.
via The Verge