Apple Inc’s iCloud storage and backup service in China was hit by an attack aimed at stealing user credentials, according to Reuters today. The Chinese web monitoring group, Greatfire.org, reported that a “man-in-the-middle” (MITM) attack was employed.
The Greatfire Internet monitoring group claimed on its blog that the Chinese government is behind this latest attack. A government spokesperson denied the accusation. The hackers interposed their own website between Apple users and Apple's iCloud. This bogus intermediate website intercepts data and thereby gains access to passwords, photos and contacts.
Greatfire.org, an organization that researches Chinese Internet censorship online, states that this alleged government involvement in the attack is a repeat of attacks on Google Inc, Github and Yahoo. According to Greatfire, this attack came several weeks after Apple said it would begin storing iCloud data for its Chinese users with China Telecom, the government-owned Chinese cell phone and Internet provider with which Apple had reached an agreement last year.
This event also coincides with the onset of iPhone 6 sales in China. Cyber security concerns had been voiced by Apple and talks had been ongoing prior to this announcement. The Greatfire.org site states that the past attacks on Google and Yahoo enabled the Chinese authorities to see what information Chinese users were viewing on those two platforms. This attack allowed the hackers to log on to the Apple site with the user's username and password, which are now compromised by Chinese authorities.
Greatfire posts on its website the alternatives for Internet users in China. Firefox and Chrome are listed as browsers that will prevent users from accessing iCloud.com. The Chinese Qihoo browser is listed as one that will load the MITM page and allow access to the user’s information.
Apple made changes to its new iPhone 6, adding encryption intended to prevent NSA snooping. It is not known whether the iPhone 6 sold in China uses the encryption to prevent the Chinese government from snooping. Because China Telecom is the government-owned Internet provider, the arrangement raises suspicion and questions about the future of Apple and other foreign providers working with the Chinese government. “Generally one has to be slightly careful about attributing these attacks – however, in this case, it does seem to have come from deep within China’s domestic network. The finger is definitely pointing in that direction,” said Prof Alan Woodward, a security researcher from the University of Surrey, to the BBC.