Apple has released a Security fix for its iCloud service amidst iCloud MitM attacks in China
One of the Apple’s most popular service, “iCloud” which providesย cloud storage and cloud computing service was once again in the news afterย a group that monitors online censorship in China accused the People’s Republic of intercepting traffic between local users and iCloud and harvesting user credentials.
Attack in Action (MitM)
The hacking attack used is said to be MitM orย The man-in-the-middle attackย is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker, leading the victim to provide login credentials and other important data to the attackers.
Apple on Tuesday indirectly confirmed theย hack, saying that it is aware of some organisations trying to steal passwords and other data using man-in-the-middle attack (MitM).
“We’re aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously,” Apple said.ย
Apple also warned the users toย not to enter their iCloud login credentials (username and passwords) if they see a warning for an invalid digital certificate at the top of their browsers.
Apple did not mention any information of the attackers neither they pointed the source of the attack to someone in particular. However manyย Chinese internet users have begun seeing warnings that indicate they had been diverted to an unauthorized website when they attempted to sign into their iCloud accounts. Theย unauthorized website was harvesting user credentials as per the reportsย
What is this new fix
The new fix released by Apple seems to be a temporary fix and a stop gap arrangement as doesn’t do much than warning users of a impending MitM attack orย directing Chinese users to a different server that has not been targeted by the attack by changing the DNS servers . Chinese censorship monitoring group, GreatFire tweeted the following, post the release of fix by Apple.
Apple changed https://t.co/ntNAO3GHrs DNS in China to avoid MITM. The attacked 23.59.94.46 is no longer used. But will GFW attack new IP?
— GreatFire.org (@GreatFireChina) October 21, 2014
Chinese Government behind the hack ?ย
The Chinese Government has denied all the allegations of launching a Man-in-the Middle attack on iCloud users to steal user credentials and other data.
Chinese Foreign Ministry spokeswoman Hua Chunying said that China is “resolutely opposed” to hacking. The state owned telecom operators providing the internet services which are accused of allegedly being involved in the attack along with the government, ย have also denied the allegations in a statement, saying “the accusation is untrue and unfounded. Mashable reported.
However security researchers monitoring the Chinese Great Firewall have claimed to have strong proofs of the Chinese governments involvement in the attack. GreatFire another of those monitoring the Chinese internet censorship, even posted the images of the fake login page.
Why iCloud hasย been buzzing around the media.
Apples iCloud has been hogging the news for all the wrong reasons ever since the recent iCloud hacks and leaks popularly known as iCloud Hacks, in which hundreds of private and NSFW images of Hollywood celebrities has been leaked.ย