HONG KONG – The Apple users of China are facing more problems and it has become a normal thing.
According to security experts and cybersecurity monitoring groups، said on Monday، that people trying to use Apple’s cloud storage service the iCloud are facing various problems while logging in as they became the target of attacks which sought to steal the user’s passwords and then stalk or spy on their activities.
Many users in China upon logging in to their iCloud personal accounts starting over the weekend، have somehow given their personal and login in details to a third party unknowingly، in a man-in-the-middle attack.
Activists and security experts also claim that they believe these attacks are backed by the China government as services are hosted through servers to which Government and Government-run telecommunications companies have access. These attacks are similar to the recent attack on Microsoft، Google and Yahoo، where the user’s personal data and their activities were retrieved by an unknown third party.
“All signs point to the Chinese government’s involvement” said Vice President Micheal Sutton of threat research at Zscaler، a San Jose، Calif security company. He also highlighted that this attack came from the core backbone of the Chinese Internet and such a feat could not have been pulled off without the involvement of Chinese government.
“The Chinese government could no longer sniff traffic، so they intercepted that traffic between the browser and the iCloud server” Mr. Sutton added.
Many famous web browers like Apple’s Safari، Google’s Chrome and Mozilla’s firefox، had a pop-up warning، that said of a cerificate encryption which is supposed to identify who is on the other end of the web session should not be trusted، hinting that the users were already being inadvertently communicating with the attackers، rather than iCloud. But Qihoo، a browser offered by the Qihoo 360 Technology which is popular in China did not flash the warning.
These attacks fall in the same timeline as the release of the new iPhone in the China market، so it is largely implicated that the attacks are a means of China government to harvest a large amount of sign-in data from users who would be making the switch to iPhone 6.