China intercepts account names and passwords from iCloud users

China carries out man-in-the-middle attacks on users of Apple’s storage service iCloud, claims digital civil rights movement GreatFire. The Chinese authorities would block the iCloud site and redirect users of the service to a fake site.

Chrome and Firefox would give errors when redirecting to the fake page, but the popular and ‘safe’ Chinese browser Qihoo 360 would redirect the user straight away. If you ignore the error messages when attempting to access iCloud.com, you will be presented with a website similar to Apple’s storage service. Usernames and passwords entered here are captured by the administrators, claims GreatFire, which specializes in monitoring online censorship in China. The Chinese authorities are behind the man-in-the-middle attack via the Great Firewall of China, according to the organization.

The attempt to collect login names and passwords resembles earlier attacks by the Chinese authorities on Google, Yahoo, GitHub and Microsoft. The attack comes as the new iPhones become available in China. According to GreatFire, the move is a response to the increased security measures Apple has implemented with iOS 8, such as expanded encryption capabilities.

The attack would not target all iCloud IP addresses, thus allowing some users to get the authentic iCloud site. GreatFire recommends Chinese users use a VPN to access the online storage service and enable two-way authentication.