Chinese Government Apparently Phishing Icloud Account Info With Man In The Middle Attack Update Apple Confirms

Update: Apple is aware of the attack, via CNBC. As expected, Apple’s own servers were not compromised.

Although unconfirmed, GreatFire is reporting that Apple is now the subject of Chinese government hacking attempts. According to the report, the government is using the institutional firewall to redirect traffic directed at iCloud.com to a fake page that resembles the iCloud.com interface almost perfectly.

Like other phishing attacks, this page is pretending to be Apple’s portal but instead intercepts entered usernames and passwords for other means. Although some browsers in China are set up to warn users about these kind of man-in-the-middle attacks, many don’t and (assumedly) many citizens disregard the warnings as the site appears quite genuine otherwise.

If true, the implications for Apple vis-a-vis Chinese relations are huge. Apple and the Chinese government have seen to have a friendly relationship in the past, so it is unclear why the government would want to ‘rock the boat’ with such an attack now. We’ll update if we hear more information or a comment from Apple on the situation.

More information about the attack, including technical logs and trace routes, can be found on the GreatFire website.