Apple Aware of iCloud Login Harvesting in China, Launches Browser Security Guide

by

Earlier this week, web censorship blog Great Fire suggested that hackers aligned with Chinese authorities were using man-in-the-middle attacks in order to harvest Apple ID information from Chinese users that visited Apple's iCloud.com website.

In a newly released support document (via The Wall Street Journal), Apple has confirmed that it is aware of the "intermittent organized network attacks" on iCloud users, but says that its own servers have not been compromised.

Apple is deeply committed to protecting our customers' privacy and security. We're aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously. These attacks don't compromise iCloud servers, and they don't impact iCloud sign in on iOS devices or Macs running OS X Yosemite using the Safari browser.

Apple's support document goes on to stress the importance of digital certificates, suggesting that users who see an invalid certificate warning in their browser while visiting iCloud.com should not proceed. The company also outlines how users can verify that their browser is connected to iCloud.com and not a third-party man-in-the-middle website.

safariicloudverified
Apple asks users to make sure that a green lock icon is visible in Safari and that the message "Safari is using an encrypted connection to www.icloud.com" is displayed when the lock icon is clicked. Apple also has verification instructions for both Chrome and Firefox.

Unfortunately, many of the victims falling prey to the fake iCloud sites are not using secure browsers that issue warnings when fake websites are visited. According to Great Fire, many Chinese users access the Internet through popular Chinese browser Qihoo, which does not let users know that a fake site is harvesting their information.

The attack works by redirecting Chinese users attempting to access iCloud.com to a fake website that resembles the iCloud website. Users that log into the fake site provide attackers with logins and passwords that can be used to access contacts, messages, photos, and documents stored within iCloud.

Though Great Fire has suggested that Chinese authorities may be involved in the attacks, a spokeswoman for China's Foreign Ministry (via CNBC) said that Beijing was "resolutely opposed" to hacking.

Chinese users should switch to a trusted browser like Firefox or Chrome to avoid falling prey to the fake iCloud.com website, or use a VPN to bypass the redirection and log in directly to iCloud.com. Two-factor authentication should also be turned on as it can prevent unauthorized users from logging into an iCloud account even when a username and password are obtained.

Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

Popular Stories

iPhone SE 4 Thumb 1

iPhone SE 4 With Apple's Own 5G Modem 'Confirmed' to Launch in March

Tuesday November 19, 2024 12:12 pm PST by
Barclays analyst Tom O'Malley and his colleagues recently traveled to Asia to meet with various electronics manufacturers and suppliers. In a research note this week, outlining key takeaways from the trip, the analysts said they have "confirmed" that a fourth-generation iPhone SE with an Apple-designed 5G modem is slated to launch towards the end of the first quarter next year. In line with previo...
Read Full Article117 comments
airtag purple

AirTag 2 Rumored to Launch Next Year With These New Features

Sunday November 17, 2024 5:18 am PST by
Apple released the AirTag in April 2021, so it is now three over and a half years old. While the AirTag has not received any hardware updates since then, a new version of the item tracking accessory is rumored to be in development. Below, we recap rumors about a second-generation AirTag. Timing Apple is aiming to release a new AirTag in mid-2025, according to Bloomberg's Mark Gurman....
Read Full Article99 comments
at t turbo indicator iphone 16 pro max v0 8hrh7w5f3w1e1

AT&T Turbo Indicator Showing Up in iPhone Status Bar for Subscribers

Wednesday November 20, 2024 3:42 am PST by
AT&T has begun displaying "Turbo" in the iPhone carrier label for customers subscribed to its premium network prioritization service, according to reports on Reddit. The new indicator seems to have started appearing after users updated to iOS 18.1.1, but that could be just coincidence. Image credit: Reddit user No_Highlight7476 The Turbo feature provides enhanced network performance through ...
Read Full Article94 comments
Generic iOS 18 Feature Real Mock

Apple Releases iOS 18.1.1 and iPadOS 18.1.1 With Security Fixes

Tuesday November 19, 2024 10:10 am PST by
Apple today released iOS 18.1.1 and iPadOS 18.1.1, minor updates to the iOS 18 and iPadOS 18 operating systems that debuted earlier in September. iOS 18.1.1 and iPadOS 18.1.1 come three weeks after the launch of iOS 18.1. The new software can be downloaded on eligible iPhones and iPads over-the-air by going to Settings > General > Software Update. Apple has also released iOS 17.7.2 for...
Read Full Article28 comments
Magic Mouse Next to Keyboard

No, Apple CEO Tim Cook Didn't Say He Prefers Logitech's MX Master 3 Over the Magic Mouse

Sunday November 17, 2024 3:03 pm PST by
While the Logitech MX Master 3 is a terrific mouse for the Mac, reports claiming that Apple CEO Tim Cook prefers that mouse over the Magic Mouse are false. The Wall Street Journal last month published an interview with Cook, in which he said he uses every Apple product every day. Soon after, The Verge's Wes Davis attempted to replicate using every Apple product in a single day. During that...
Read Full Article330 comments
iPhone 17 Slim Feature Single Camera 1 Redux

'iPhone 17 Air' Rumored to Surpass iPhone 6 as Thinnest iPhone Ever

Monday November 18, 2024 1:07 pm PST by
In a research note with Hong Kong-based investment bank Haitong today, obtained by MacRumors, Apple analyst Jeff Pu said he agrees with a recent rumor claiming that the so-called "iPhone 17 Air" will be around 6mm thick. "We agreed with the recent chatter of an 6mm thickness ultra-slim design of the iPhone 17 Slim model," he wrote. If that measurement proves to be accurate, there would be ...
Read Full Article155 comments
bug security vulnerability issue fix larry

Make Sure to Update: iOS 18.1.1 and macOS Sequoia 15.1.1 Fix Actively Exploited Vulnerabilities

Tuesday November 19, 2024 10:52 am PST by
The iOS 18.1.1, iPadOS 18.1.1, and macOS Sequoia 15.1.1 updates that Apple released today address JavaScriptCore and WebKit vulnerabilities that Apple says have been actively exploited on some devices. With the JavaScriptCore vulnerability, processing maliciously crafted web content could lead to arbitrary code execution. The WebKit vulnerability had the same issue with maliciously crafted...
Read Full Article69 comments
apple card feature2

Apple Card 3% Daily Cash Back Now Available From Two More Apple Partners

Tuesday November 19, 2024 10:36 am PST by
Apple has partnered with select merchants to offer Apple Card users three percent Daily Cash back on their purchases, and two new companies were added to the partner list today. When purchasing goods and services from Booking.com and ChargePoint, Apple Card users will now get more cash back. Booking.com is a site for reserving flights, cars, cruises, and hotels, while ChargePoint sells...
Read Full Article12 comments

Top Rated Comments

Bahroo Avatar
Bahroo
132 months ago
I love how half-assed Apple security is.

----------



So Apple, the "innovators" makers of "magical and revolutionary" products, can't seem to figure out internet security? My boring old bank does a great job of it, yet this is not Apple's fault?


Are you on drugs bro? this isn't Apple's fault at all, its people in China , they made a fake iCloud website that looks just like the real one and if your using a 3rd party browser, you get routed to this fake website, and its very easy to spot that there is no SSL protection/no green box next to the website link, this is common sense, and isn't Apple's fault in any way at all. This is not a issue if you use reliable browsers like Firefox, Chrome, IE, etc
Score: 14 Votes (Like | Disagree)
Deelron Avatar
Deelron
132 months ago

So Apple, the "innovators" makers of "magical and revolutionary" products, can't seem to figure out internet security? My boring old bank does a great job of it, yet this is not Apple's fault?

I'm fairly sure your boring old bank would fail if their direct access to the Internet was compromised.
Score: 9 Votes (Like | Disagree)
Small White Car Avatar
Small White Car
132 months ago

So Apple, the "innovators" makers of "magical and revolutionary" products, can't seem to figure out internet security? My boring old bank does a great job of it, yet this is not Apple's fault?
Your boring old bank is open to EXACTLY this kind of attack in EXACTLY the same ways.

Furthermore, if I called your bank and asked them what to do about it they'd give the EXACT same advice Mac Rumors has given here.

EDIT: And before you come back and tell me about how your bank requires a picture of a parrot or a soccer ball or something, ask yourself if you think the people who don't know what an SSL lock looks like will be at all deterred from signing in when their favorite kind of bird doesn't show up this one time.
Score: 8 Votes (Like | Disagree)
iphonedude2008 Avatar
iphonedude2008
132 months ago
I'm fairly sure your boring old bank would fail if their direct access to the Internet was compromised.

This. Someone here gets it.
Score: 7 Votes (Like | Disagree)
iphonedude2008 Avatar
iphonedude2008
132 months ago
I love how half-assed Apple security is.

----------



So Apple, the "innovators" makers of "magical and revolutionary" products, can't seem to figure out internet security? My boring old bank does a great job of it, yet this is not Apple's fault?

He's saying its not apples fault because this is a phishing scam. The browser goes to a scam site instead of apple's. All they can do is tell user to check for the correct certificate, reset passwords, and enable 2 factor.
Score: 6 Votes (Like | Disagree)
Deelron Avatar
Deelron
132 months ago
Though Great Fire has suggested that Chinese authorities may be involved in the attacks, a spokeswoman for China's Foreign Ministry (via CNBC) said that Beijing was "resolutely opposed" to hacking.

You keep using that word, I do not think it means what you think it means.
Score: 6 Votes (Like | Disagree)
Read All Comments