Chinese Government Reportedly Behind Man-In-The-Middle iCloud Attacks

We know that China has a track record of censoring things on the internet (amongst other things), and that they have blocked access to social media such as Facebook, Twitter, and recently Instagram. However could China be blocking access to Apple’s iCloud.com website? Well according to a report from Greatfire.org, the answer is yes.

It seems that when trying to access iCloud in China, some users are unknowingly interacting with a third-party website which is essentially a man-in-the-middle attack. Some have claimed that hackers are to thank for these attacks, while others also claim that the Chinese government might have had a hand in it as well.

Unsurprisingly Beijing has denied the rumors of the Chinese government’s involvement. The goal of the attack is to obtain iCloud usernames and passwords which could be used to leak photos, messages, and other content stored on Apple’s cloud service. The belief of the Chinese government’s involvement was echoed by Mikko Hypponnen, the chief research officer at F-Secure.

“All the evidence I’ve seen would support that this is a real attack. The Chinese government is directly attacking Chinese users of Apple’s products. As always, we recommend using the Internet over a trusted virtual private network.” Now for those who are worried about iCloud’s security, Apple has implemented two-step authentication in which certain features are locked unless a one-time verification code has been entered, so if you haven’t enabled it already, perhaps you should.

Tyler Lee
Categories: Apple
Tags: Hacking, icloud, Security