Chinese hackers have launched a man-in-the-middle attack designed to intercept the usernames and passwords of Apple's iCloud users.
According to reports from anti-censorship organisation Greatfire, the hack coincides with the launch of the Apple iPhone 6 and 6 Plus in the country.
The organisation said Chinese users that try to log into iCloud using the IP address 23.59.94.46 will see a fake login site identical to the real Apple iCloud login page. However, alarm bells should ring as the fake site throws up a few security warnings.
Users with browsers such as Chrome or Firefox should detect fake security certificates, however many in the country prefer to use home-grown browsers that do not flag these certificates as bogus. Greatfire said Qihoo's popular Chinese 360 secure browser is "anything but and will load the MITMed page directly."
If users ignore the warnings, their details will get passed onto eavesdroppers, it is claimed.
"This is clearly a malicious attack on Apple in an effort to gain access to user names and passwords and consequently all data stored on iCloud such as iMessages, photos, contacts, etc," said Greatfire in the blog post.
"Unlike the recent attack on Google, this attack is nationwide and coincides with the launch today in China of the newest iPhone."
The censorship watchdog said authorities had also mounted attacks on Google, Yahoo, Github and others. It said the latest attack may also somehow be related again to images and videos of the Hong Kong protests being shared on the mainland.
Greatfire also said the attack could be related to the increased security of the new iPhone. Better encryption on the iPhone designed to keep out the NSA would also prevent Chinese authorities snooping on Apple's users.
The censorship watchdog said this latest episode should "provide a clear warning signal to foreign companies that work with the Chinese authorities on their censorship agenda".
"Working with the authorities to help them prevent free access to news and information is not a guaranteed path to riches in China. If anything, cooperation with the Chinese authorities can now increasingly be labelled as the worst decision a foreign company can make."
Greatfire urged users to access the internet using a VPN and enable two-factor authentication on their iCloud accounts.
-
Bigger salaries, more burnout: Is the CISO role in crisis?In-depth CISOs are more stressed than ever before – but why is this and what can be done?
-
Cheap cyber crime kits can be bought on the dark web for less than $25News Research from NordVPN shows phishing kits are now widely available on the dark web and via messaging apps like Telegram, and are often selling for less than $25.
-
Capita tells pension provider to 'assume' nearly 500,000 customers' data stolenCapita told the pension provider to “work on the assumption” that data had been stolen
-
Gumtree site code made personal data of users and sellers publicly accessibleNews Anyone could scan the website's HTML code to reveal personal information belonging to users of the popular second-hand classified adverts website
-
Pizza chain exposed 100,000 employees' Social Security numbersNews Former and current staff at California Pizza Kitchen potentially burned by hackers
-
83% of critical infrastructure companies have experienced breaches in the last three yearsNews Survey finds security practices are weak if not non-existent in critical firms
-
Identity Automation launches credential breach monitoring serviceNews New monitoring solution adds to the firm’s flagship RapidIdentity platform
-
Neiman Marcus data breach hits 4.6 million customersNews The breach took place last year, but details have only now come to light
-
Indiana notifies 750,000 after COVID-19 tracing data accessedNews The state is following up to ensure no information was transferred to bad actors
-
Pearson fined $1 million for downplaying severity of 2018 breachNews The SEC found the London-based firm made “misleading statements and omissions” about the intrusion
