Chinese authorities have launched an expansive surveillance effort that’s ensnared Apple customers’ username and password information, according to a new advisory from an Internet censorship watchdog. The nationwide attack, which coincides with the official release of the iPhone 6 in China, comes after similar hacks targeted Microsoft and Yahoo.
GreatFire.org, a nonprofit organization that monitors the Chinese Internet for censorship, reported Monday that all Chinese Internet users who tried visiting iCloud.com were redirected to a bait page meant to look exactly like an Apple log-in page. Users who visited the site with Google Chrome or Firefox were warned about the site’s unreliability but Qihoo, the most popular Chinese Web browser, offered no such advisory, GreatFire explained.
Known as a man-in-the-middle attack, the hack fools users into believing that they are communicating over an encrypted connection.
“This is clearly a malicious attack on Apple in an effort to gain access to usernames and passwords and consequently all data stored on iCloud such as iMessages, photos, contacts, etc.,” GreatFire wrote Monday. “If users ignored the security warning and clicked through to the Apple site and entered their username and password, this information has now been compromised by Chinese authorities.”
Chinese authorities have long criticized Apple devices, claiming that the popular phones provide American intelligence agencies with a near-unrestricted view of communication on mainland China. While Apple has denied installing any kind of backdoor technology at the behest of the U.S. National Security Agency, the company has made headlines in recent weeks for instituting new levels of encryption that even Apple itself can’t decipher.
“This latest MITIM attack may be related to the increased security aspects of Apple’s new iPhone,” GreatFire went on. “Ironically, Apple increased the encryption aspects on the phone allegedly to prevent snooping from the NSA. However, this increased encryption would also prevent the Chinese authorities from snooping on Apple user data.... [T]his MITM attack may indicate that there is at least some conflict between the Chinese authorities and Apple over some of the features on the new phone.”
Similar infiltrations have been reported when users visited GitHub, Yahoo, Microsoft and Google, which was the subject of a MITM attack in September. The Chinese government has consistently denied engaging in cyberwarfare of any kind, but security experts have reported a number of new intrusions since pro-democracy protests began in Hong Kong on Sept. 26.
Only days after the demonstrations began security researchers revealed a similar method of surveillance when they pointed at the Chinese military as the origin of a pair of smartphone apps capable of monitoring all the communications of someone who downloads them.