Chinese government accused of stealing iCloud passwords

The attack sends you to a fake website.

Just a week after the new iPhone 6 hit China, a new report accuses the Chinese government of launching a cyberattack against the country’s iCloud users.

The attack is designed to steal usernames and passwords and gain access to private data and accounts, according to a report by anti-censorship watchdogs GreatFire.org.

GreatFire, which previously broke stories about Chinese attacks on GitHub, Google, and Yahoo, says that Chinese authorities are staging a man-in-the-middle (MITM) attack, which redirects Apple users to a fake iCloud.com site, then prompts them to enter their username and password. Microsoft’s login.live.com is currently facing a similar attack.

Apple recently gained a lot of attention when it announced it would encrypt the new iPhone by default. F.B.I. director James Comey called the new phones “black holes.”

This new attack is the perfect example of how much Comey’s criticism omits: the phone is encrypted, but the data leaving the phone is not. Neither is iCloud, which can hold full access to contacts, photos, messages, and a variety of other personal data.

GreatFire hypothesized that this latest attack could be a direct response to Apple’s new encryption defaults.

“This attack will come as a surprise to Apple,” GreatFire asserted. “In the past, the company has had a bromance with the authorities and have blindly acquiesced when asked to remove apps from the China app store. With such a close, cozy and snuggly relationship, it is hard to imagine that the executives at Apple felt that they would get this kind of treatment in China.”

The attack affects users of China’s most popular Web browser, Qihoo’s 360 Secure Browser, which doesn’t flag the problem. Firefox and Chrome, on the other hand, immediately let users know. Users can also avoid the attack by connecting to iCloud through a Virtual Private Network (VPN).

Photo via Daderot (PD) | Remix by Jason Reed

Patrick Howell O'Neill

Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.