Bogus iCloud log-in page fools Chinese Apple users

Probably not looking for nude celebs this time

Chinese hackers have launched a man-in-the-middle attack designed to intercept the usernames and passwords of Apple's iCloud users. 

According to reports from anti-censorship organisation Greatfire, the hack coincides with the launch of the Apple iPhone 6 and 6 Plus in the country.

The organisation said Chinese users who try to log in to iCloud using the IP address will see a fake login site identical to the real Apple iCloud login page. However, alarm bells should ring as the fake site throws up a few security warnings.

Users with browsers such as Chrome or Firefox should detect fake security certificates; however, many in the country prefer to use home-grown browsers that do not flag these certificates as bogus. Greatfire said Qihoo's popular Chinese 360 secure browser is "anything but and will load the MITMed page directly."

If users ignore the warnings, their details will get passed on to eavesdroppers, it is claimed.

"This is clearly a malicious attack on Apple in an effort to gain access to user names and passwords and consequently all data stored on iCloud such as iMessages, photos, contacts, etc," said Greatfire in the blog post.

"Unlike the recent attack on Google, this attack is nationwide and coincides with the launch today in China of the newest iPhone."

The censorship watchdog said authorities had also mounted attacks on Google, Yahoo, Github and others. It said the latest attack may also somehow be related again to images and videos of the Hong Kong protests being shared on the mainland.

Greatfire also said the attack could be related to the increased security of the new iPhone. Better encryption on the iPhone designed to keep out the NSA would also prevent Chinese authorities snooping on Apple's users.

The censorship watchdog said this latest episode should "provide a clear warning signal to foreign companies that work with the Chinese authorities on their censorship agenda".

"Working with the authorities to help them prevent free access to news and information is not a guaranteed path to riches in China. If anything, cooperation with the Chinese authorities can now increasingly be labelled as the worst decision a foreign company can make."

Greatfire urged users to access the internet using a VPN and enable two-factor authentication on their iCloud accounts.
