Cyber Monday Deal: Up to 60% off InvestingProCLAIM SALE

China-backed hackers target Apple's iCloud users- blog

Published 21/10/2014, 19:39
© Reuters A woman holds up the iPhone 6 Plus at the Apple Store in Tokyo

By Jim Finkle, Gerry Shih and Ben Blanchard

BOSTON/BEIJING (Reuters) - Apple Inc's iCloud storage service in China was attacked by hackers trying to steal user credentials, a Chinese web monitoring group said, adding that it believes the Beijing government is behind the campaign.

Using what is called a "man-in-the-middle" (MITM) attack, the hackers interposed their own website between users and Apple's iCloud server, intercepting data and potentially gaining access to passwords, iMessages, photos and contacts, Greatfire.org wrote in its blog post.

An Apple representative declined comment on the allegations that Beijing was trying to spy on Apple customers, but noted that the company had updated its technical support page to provide advice on how to protect against such attacks.

"We're aware of intermittent organised network attacks using insecure certificates to obtain user information, and we take this very seriously," the page read.

Apple tells users to never enter their iCloud password if they get warnings about invalid digital certificates when visiting www.icloud.com. It also describes procedures users can use to verify they are connected to Apple's legitimate site when using various browsers.

Greatfire.org, which conducts research on Chinese Internet censorship, alleged government involvement in the attack, saying it resembled previous attacks on Google Inc, Yahoo Inc and Microsoft Corp's Hotmail.

Asked about the attack, Chinese Foreign Ministry spokesperson Hua Chunying told a daily news briefing that Beijing was "resolutely opposed" to hacking.

The attack cited by Greatfire comes several weeks after Apple said it would begin storing iCloud data for Chinese users on China Telecom servers.

It also coincided with the start of iPhone 6 sales in China, which began Friday after weeks of talks between China and Apple over what the government said were cybersecurity concerns.

Two independent security experts contacted by Reuters said Greatfire's report appeared credible.

"All the evidence I've seen would support that this is a real attack," said Mikko Hypponen, chief research officer at security software developer F-Secure.

Greatfire.org said the attack most likely could not have been staged without knowledge of Internet providers like China Telecom, given they appeared to originate from "deep within the Chinese domestic Internet backbone".

But the group said the attack may not be linked to Apple's recent decision to store user data on China Telecom servers.

It was unclear if the hackers were still active. Apple did not have an immediate comment when contacted.

A China Telecom spokesman said: "The accusation is untrue and unfounded."

© Reuters. Apple CEO Tim Cook looks at a new IMac after presentation at Apple headquarters in Cupertino

Apple said at the time the move to China Telecom was made to improve the speed of service for Chinese servers and flatly denied the possibility that it would expose user data.

(Reporting by Jim Finkle in Boston and Gerry Shih and Ben Blanchard in Beijing. Additional reporting by Christina Farr in San Francisco; Writing by Edwin Chan; Editing by Andre Grenon, Miral Fahmy and Stephen Coates)

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.