Apple has released a security fix for its iCloud service amidst iCloud MitM attacks in China
One of Apple’s most popular services, iCloud, which provides cloud storage and cloud computing services, was once again in the news after a group that monitors online censorship in China accused the People’s Republic of intercepting traffic between local users and iCloud and harvesting user credentials.
Attack in Action (MitM)
The attack is said to be a man-in-the-middle (MitM) attack, a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection when in fact the entire conversation is controlled by the attacker. This leads the victim to provide login credentials and other important data to the attackers.
Apple on Tuesday indirectly confirmed the hack, saying that it is aware of some organisations trying to steal passwords and other data using man-in-the-middle (MitM) attacks.
“We’re aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously,” Apple said.
Apple also warned users not to enter their iCloud login credentials (usernames and passwords) if they see a warning for an invalid digital certificate at the top of their browsers.
Apple did not give any information about the attackers, nor did it attribute the attack to anyone in particular. However, many Chinese internet users have begun seeing warnings indicating that they had been diverted to an unauthorized website when they attempted to sign in to their iCloud accounts. According to the reports, the unauthorized website was harvesting user credentials.
What is this new fix?
The new fix released by Apple seems to be a temporary, stopgap arrangement, as it does little more than warn users of an impending MitM attack or direct Chinese users, by changing the DNS servers, to a different server that has not been targeted by the attack. The Chinese censorship monitoring group GreatFire tweeted the following after Apple released the fix.
Apple changed http://t.co/ntNAO3GHrs DNS in China to avoid MITM. The attacked 126.96.36.199 is no longer used. But will GFW attack new IP?
— GreatFire.org (@GreatFireChina) October 21, 2014
Chinese Government behind the hack?
The Chinese Government has denied all the allegations of launching a man-in-the-middle attack on iCloud users to steal user credentials and other data.
Chinese Foreign Ministry spokeswoman Hua Chunying said that China is “resolutely opposed” to hacking. The state-owned telecom operators providing the internet services, which are alleged to have been involved in the attack along with the government, have also denied the allegations in a statement, saying “the accusation is untrue and unfounded,” Mashable reported.
However, security researchers monitoring the Chinese Great Firewall claim to have strong proof of the Chinese government’s involvement in the attack. GreatFire, another of those monitoring Chinese internet censorship, even posted images of the fake login page.
Why iCloud has been buzzing around the media
Apple’s iCloud has been hogging the news for all the wrong reasons ever since the recent hacks and leaks, popularly known as the iCloud Hacks, in which hundreds of private and NSFW images of Hollywood celebrities were leaked.