China-backed hackers reportedly target Apple’s iCloud users

Latest incident in Apple’s mixed fortunes in China

Apple’s iPhone 6 went on sale in China earlier this month. Photograph: Diego Azubel/EPA
Apple’s iPhone 6 went on sale in China earlier this month. Photograph: Diego Azubel/EPA

Apple's experience in China has been a decidedly mixed one. The company has certainly made lot of money in the world's second-biggest economy but has often wrestled with thorny issues.

These include accusations by authorities over working conditions at its suppliers and allegations it treats Chinese consumers worse than those in other markets. Then there was a lengthy delay in a carriage deal with the country's biggest mobile carrier, China Mobile, and a lack of regulatory approval for new products such as the iPhone 6.

Now it appears Apple’s iCloud storage service in China was attacked by hackers trying to steal user credentials. This comes from a Chinese web- monitoring group, which also believes the Beijing government is behind the campaign, eager to get information from people buying the iPhone 6.

The attack came through what is apparently known as a “man-in-the-middle” attack, and it will have given the hackers access to passwords, iMessages, photos and contacts.

READ MORE

The Chinese government denied the reports, saying it was "resolutely opposed to hacking". Apple made no comment but updated its technical support page with advice on how to protect against such attacks.

“We’re aware of intermittent, organised network attacks using insecure certificates to obtain user information and we take this very seriously,” the page said.

The news came from Greatfire.org, which conducts research on Chinese internet censorship. It said the iCloud attack was similar to previous attacks on Google, Yahoo and Microsoft Hotmail.

Greatfire.org said it was very likely the attack could not have been staged without knowledge of internet providers such as China Telecom, as they appeared to originate from "deep within the Chinese domestic internet backbone".

The iPhone went on sale in China earlier this month, after a delay over cybersecurity concerns that led to lengthy talks.

iCloud password

Apple tells users to never enter their iCloud password if they get warnings about invalid digital certificates when visiting icloud.com. It also describes procedures users can use to verify they are connected to Apple’s legitimate site when using various browsers.

Asked about the attack, Chinese foreign ministry spokesperson Hua Chunying told a daily news briefing that Beijing was "resolutely opposed" to hacking.

The attack cited by Greatfire comes several weeks after Apple said it would begin storing iCloud data for Chinese users on China Telecom servers.

Two independent security experts said Greatfire’s report appeared credible.

"All the evidence I've seen would support that this is a real attack," said Mikko Hypponen, chief research officer at security software developer F-Secure.

But the group said the attack may not be linked to Apple’s recent decision to store user data on China Telecom servers.

It was unclear if the hackers were still active. Apple did not have an immediate comment when contacted.

A China Telecom spokesman said: “The accusation is untrue and unfounded.”

Apple said at the time the move to China Telecom was made to improve the speed of service for Chinese servers and flatly denied the possibility that it would expose user data.