In wake of the iPhone 6’s release in China, reports have surfaced that the Chinese government is conducting cyber attacks on users of the iCloud system.
Censorship watchdog organization Greatfire.org released evidence that access to the popular Apple service is being blocked and traffic redirected to an official looking dummy site where users are prompted to log in.
The intricacy of these “man in the middle” phishing attacks suggests government involvement, as the hack takes place at the level of the Golden Shield Project, an elaborate firewall used by the government to censor and monitor web content.
Secure web browsers such as Firefox and Chrome recognize the site as unofficial and present a warning message, but some Chinese browsers fail to alert users of the vulnerability. This could result in unsuspecting victims giving away their iCloud credentials. Once login information is compromised, all personal information on iCloud including photos, text messages and browser history are accessible to the attacker.
Microsoft users are also under siege with a similar hack being levied against Microsoft Live.
As troubling as the attack is, not all Chinese iCloud users will be affected. The hack targets one specific iCloud IP address, leaving the rest free. Users can connect to an unaffected IP using VPN software.
While web services like Google have weathered cyber attacks in China before, Apple was thought to have an amicable relationship with authorities. The company is known to have complied with demands from the Chinese government, including removing controversial apps from its Chinese app store.
The iCloud attack comes amid the Umbrella Movement protests in Hong Kong, leading to speculation that the government officials could be trying to gather information related to the protests.
