China Accused of Spying on Apple Users

Apple is the alleged victim of a man-in-the-middle attack organized by Chinese-hackers to capture users` credentials, according to Chinese web monitor GreatFire.org.

After similar attacks against Github, Google, Yahoo and Microsoft, it seems Chinese hackers tried to get access to usernames and passwords as well as other data stored on iCloud such as iMessages, photos and contacts.

The Great Firewall of China used self-signed SSL certificates to intercept communications. Apparently only one IP address was attacked, therefore “not all users in China are affected because the iCloud DNS might return different IP addresses.”

The attack most likely could not have been staged without the knowledge of Internet providers like China Telecom, GreatFire added.

“The previous MITM attacks all showed the same characteristics as this one,” Charlie Smith, Greatfire.org co-founder, said in an email. “Apple did not need to be doing anything with China Telecom for this attack to happen, i.e. the authorities did not need that relationship to stage an attack like this one.”

The attack comes several weeks after Apple announced its intentions to store iCloud data for Chinese users on China Telecom servers.

GreatFire.org also suggested that this latest incident may be related to the ongoing Hong Kong protests which has involved participants sharing videos and images using social media websites.