Chinese Authorities Allegedly Harvesting iCloud Logins Using Redirected Dummy Site

Discussion in 'Politics, Religion, Social Issues' started by MacRumors, Oct 20, 2014.

  1. MacRumors macrumors bot

    MacRumors

    Joined:
    Apr 12, 2001
    #1
    [​IMG]


    Chinese authorities allegedly are using a man-in-the-middle attack to harvest Apple ID information from Chinese users visiting Apple's iCloud service, reports web censorship blog Great Fire (via The Verge). A similar attack reportedly targets Microsoft's login.live.com website.

    [​IMG]
    According to Great Fire, Chinese users trying to access iCloud.com are redirected to a fake site that resembles Apple's iCloud website. While some browsers will issue a warning, popular Chinese browser Qihoo gives no indication users are entering their Apple credentials into a dummy site. Users fooled by the site may be putting their personal information at risk as attackers can then use these login details to access contacts, messages and more stored in iCloud.
    This attack follows the Chinese launch of the new iPhone 6 and 6 Plus and may be related to the encryption options and increased security of Apple's iOS 8. It is possible Chinese authorities are using this hack to penalize Apple for taking extra measures that would prevent the government from snooping on phones.

    Great Fire advises Chinese users to switch to a trusted browser such as Firefox and Chrome, which will warn users when they access an illegitimate site. Apple owners also can use a VPN to bypass this redirection and connect directly to iCloud.com. Two-factor authentication may also prevent attackers from accessing an iCloud account using a compromised username and password.

    Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.

    Article Link: Chinese Authorities Allegedly Harvesting iCloud Logins Using Redirected Dummy Site
     
  2. Solver macrumors 6502a

    Joined:
    Jan 6, 2004
    Location:
    Cupertino, CA
  3. JoEw macrumors 65832

    JoEw

    Joined:
    Nov 29, 2009
    #3
    Trying to stop the revolution that surely is coming.
     
  4. nerdAFK macrumors regular

    nerdAFK

    Joined:
    Apr 24, 2014
  5. haruhiko macrumors 601

    haruhiko

    Joined:
    Sep 29, 2009
    #5
    Just don't use fishy web browsers like Qihoo whatever and you're safe.
     
  6. whooleytoo macrumors 603

    whooleytoo

    Joined:
    Aug 2, 2002
    Location:
    Cork, Ireland.
    #6
    Too lazy. They just go straight to Apple and ask them to hand the data over.
     
  7. haruhiko macrumors 601

    haruhiko

    Joined:
    Sep 29, 2009
    #7
    But Tim Cook just gave these governments a big middle finger - "even we're required to provide the data we cannot decrypt it"...

    (if Tim is not lying)
     
  8. macnisse macrumors 6502

    Joined:
    Jun 26, 2010
    #8
    Wow! Doubling down? Looking fwd to Tim's response!
     
  9. brendu macrumors 68020

    Joined:
    Apr 23, 2009
    Location:
    USA
    #9
    He claims they (Apple) can't decrypt it. To the best of his knowledge this is likely true. I still wouldn't bet against the possibility that the NSA has full access to Apple's (and everyone else's) servers and no one at Apple even knows about it.
     
  10. Solver macrumors 6502a

    Joined:
    Jan 6, 2004
    Location:
    Cupertino, CA
    #10
    Apple has been publicly resistant to these requests. Some people/companies will hand over other people's confidential data before the ink hits a formal written request while others resist the urge until a least the first fingernail is pulled.
     
  11. Deelron macrumors regular

    Joined:
    Jan 30, 2009
    #11
    It's seems to me it's just what Chinese authorities do (not trying to penalize Apple specificly), and of course they are.
     
  12. menano macrumors regular

    menano

    Joined:
    Jun 7, 2011
    Location:
    Neverland
  13. dannyyankou macrumors 604

    dannyyankou

    Joined:
    Mar 2, 2012
    #13
    This is a classic example of phishing, so it's not Apple's fault. They should use a better browser next time.
     
  14. i.mac macrumors 6502a

    Joined:
    Dec 14, 2007
    #14
    Ignorance.
     
  15. troy14 macrumors 6502a

    Joined:
    Mar 25, 2008
    Location:
    Las Vegas (Summerlin), NV
    #15
    Well, Phishing is generally not associated with actual government organizations. This is something much different in my opinion, and using a better browser "might" be a solution, however, it seems as if Qihoo is the equivalent to using Firefox in the U.S.
     
  16. Fzang macrumors 65816

    Fzang

    Joined:
    Jun 15, 2013
    #16
    I'm in Beijing, and even accessing iCloud through Baidu gives me the (allegedly) official site, https://iCloud.com with Apple's certificate. Does that mean I'm permanently safe? I've been using the website several times in the last couple of days before seeing these news.
     
  17. roland.g macrumors 603

    roland.g

    Joined:
    Apr 11, 2005
    Location:
    One mile up and soaring
    #17
    Yes, but redirects from legitimate sites and goofy unintelligible code looking URLs are common for logging into banking and many other secure websites, so users may not realize the fake redirect is not legitimate.
     
  18. V.K. macrumors 6502a

    V.K.

    Joined:
    Dec 5, 2007
    Location:
    Toronto, Canada
    #18
    did you even read the article?! WTH does it have to do with doubling down?! this is a classic man-in-the-middle attack. it has nothing to do with hacking Apple itself.


    I suspect this is it. It would also explain the strange delay in granting iphone 6 licenses in China. They were likely trying to get Apple to give them some kind of back door access to icloud. when that didn't work they resorted to this brazen man-in-the-middle attack.
     
  19. whooleytoo macrumors 603

    whooleytoo

    Joined:
    Aug 2, 2002
    Location:
    Cork, Ireland.
    #19
    Could Cook have a gag order preventing him revealing data-sharing arrangements? We know that's the case elsewhere. Maybe he's over-selling Apple being on the side of privacy - that would impress a lot of people. Or maybe he's absolutely correct and truthful. Who knows?

    At this stage, who do you trust? The thing about trust is that once lost, it's a lot harder to get back. I now work on the basis that any data/documents that I send or store on cloud services is readable by outside parties.

    Tech companies have been really caught in the middle of this, but still they are the entities to which we're giving our personal data, and they're the ones I hold responsible for the security and privacy of that data. As the song (kinda) goes...

    Tim Cook says "We will protect you"
    I don't subscribe to this point of view
    Believe me when I say to you
    I hope the NSA love their privacy too.
     
  20. netslacker macrumors 6502

    Joined:
    Jan 21, 2008
    #20
    No, you're not. As the article on iDownloadblog.com states, many users are clicking through the security warnings anyways and continuing through to the fraudulent site. Using a different browser still can't save stupid from being stupid.
     
  21. Jibbajabba macrumors 65816

    Joined:
    Aug 13, 2011
    #21
    Or they aren't that stupidly obvious when fishing for data :)

    ----------

    Indeed. Wife was browsing to her online banking site and got a security error and clicked faster than I could say 'stop'. Granted, the SSL was 'uist' expired rather than a dodgy website, but regardless I suggested waiting a day making sure they have renewed it.
     
  22. kd5jos macrumors 6502

    kd5jos

    Joined:
    Oct 28, 2007
    Location:
    Denver, CO
    #22
    And I would take that bet. Apple designs the hardware AND the OS. No, I don't see the government sneaking something in on this one. Another provider where the OS is closed source and many people manufacture what goes in the box... I could see the government getting access. No, I don't believe in magic, which is what the NSA would have to be using at this point.
     
  23. 3282868 macrumors 603

    Joined:
    Jan 8, 2009
    #23
    It's "possible" or "fact"?

    If this pans out to be valid, it makes me even more ill that so much business is conducted in China.

    Then again, our NSA, CIA, etc aren't angels by any stretch. :(
     
  24. Fzang macrumors 65816

    Fzang

    Joined:
    Jun 15, 2013
    #24
    Okay, so now I've tried Safari 8, IE 11 and the latest Qihoo. None of them give any security messages. Qihoo's URL and certificate looks perfectly legit.

    What's going on? What can I trust!?
     
  25. OtherJesus macrumors 6502

    OtherJesus

    Joined:
    Sep 28, 2005
    Location:
    Bay Area, California

Share This Page