Earlier this week, the Great Fire web censorship blog indicated that hackers, possibly working with the Chinese government, were harvesting Apple ID information from iCloud users in China when they visited Apple’s iCloud.com website.
Now, via a new support document, Apple confirms that it knows about the “intermittent organized network attacks” on Chinese iCloud users, but assures users that its own servers have not been compromised.
“Apple is deeply committed to protecting our customers’ privacy and security. We’re aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously. These attacks don’t compromise iCloud servers, and they don’t impact iCloud sign in on iOS devices or Macs running OS X Yosemite using the Safari browser.”
Apple’s support document stresses the importance of digital certificates, noting that users who receive an invalid certificate warning in their browser when attempting to log in to iCloud.com should not continue with the login process.
Apple also tells users how to make sure that their browser is connected to the real iCloud.com site, and not to a man-in-the-middle attack site.
“When you’re connected to the authentic iCloud website in Safari, you’ll see a green lock icon in the toolbar next to Apple Inc. Choose the lock icon to see a message that says ‘Safari is using an encrypted connection to www.icloud.com.’ This indicates that the connection is secure and you can sign in normally.”
“If you’re connecting to a website that isn’t secure, you’ll see a message that says ‘Safari can’t verify the identity of the website.’ If you see this message, don’t proceed or attempt to sign in.”
The support document also includes instructions for users of Firefox and Chrome browsers.
Sadly, many of the Chinese users who have fallen prey to the fake sites are using a popular Chinese browser, Qihoo, which does not inform users when a fake site may be stealing their information.
Although it has been suggested that the Chinese government may be involved in the attacks, a spokesperson for China’s Foreign Ministry stated that Beijing was “resolutely opposed” to hacking.
Other steps to avoid the man-in-the-middle attack include using a VPN to bypass the redirection and enabling two-factor authentication on your iCloud account, which prevents attackers from accessing a compromised iCloud account.
More information about the attack can be read on the Great Fire website.
(Via MacRumors)