Skip to main content

Apple acknowledges iCloud hacking in China, but says its servers are safe

apple icloud hack china header f
Image used with permission by copyright holder
Apple responded to concerns that its iCloud service was compromised following a widespread, man-in-the-middle (MITM) attack that is believed to have been sanctioned by the Chinese government.

First brought to light by GreatFire.org, the Chinese government is reportedly using the national firewall system (or the “Great Firewall of China,” as it’s colloquially known) to redirect iCloud users to spoofed pages. By fooling older browsers with phony certificates and hijacked addresses, the apparent intention is to compromise the credentials of unsuspecting visitors.

Related: Apple CEO promises new security measures after iCloud celebrity photo hack

The source of the attack is reportedly China Telecom, a company with ties to Chinese leadership. In August, Apple agreed to store local China iCloud data in China Telecom’s servers.

On Tuesday, Apple told CNBC that it was aware of “intermittent organized network attacks,” but that iCloud servers hadn’t been compromised. The company also said that iCloud sign-in on mobile and Macs running the latest version of OS X are not at risk.

Related: Hackers trick Apple into providing access to an iCloud account, chaos ensues

The same can’t be said for iCloud account holders who log in using outdated Internet browsers, which will not automatically warn of interception (newer distributions of Firefox and Chrome can alert of fake certificates). Users of those and other browsers can still get around the attack by using an unaffected IP address.

GreatFire.org speculates the attack is an attempt to circumvent security measures introduced with the iPhone 6 and 6 Plus, which went on sale in China last week.  It’s hardly the first instance of a hack orchestrated by the Chinese government, though. Yahoo was targeted earlier this month, and a MITM attack continues to affect Microsoft’s Outlook mail service.

The news comes after a slew of female celebrities saw their private photographs — often nude ones — made public after iCloud’s weak security was breached. Called “The Fappening,” the stolen photographs contains naked and semi-naked pictures and videos of more than 100 A-list celebrities, among them Oscar-winning actress Jennifer Lawrence, singer Rihanna, swimsuit model Kate Upton, and TV star Kim Kardashian. While some of the celebrities argue that the pictures are frauds, others  confirmed that the posted photos of themselves were indeed authentic.

To boost security, Apple CEO Tim Cook told the Wall Street Journal that customers would receive alerts via email and push notifications if another person attempts to perform actions such as change an account password, restore iCloud data to another device, or when a device logs in for the first time.

Editors' Recommendations

Kyle Wiggers
Former Digital Trends Contributor
Kyle Wiggers is a writer, Web designer, and podcaster with an acute interest in all things tech. When not reviewing gadgets…
Everything Apple didn’t announce at its iPhone 15 event
Apple's September 2023 event Tim Cook

Yesterday's iPhone 15 event revolved solely around the iPhone 15/iPhone 15 Plus, iPhone 15 Pro/Pro Max, and Apple Watch Series 9 (along with Apple Watch Ultra 2). As a result, no new iPads, Macs, or audio products were announced. This news isn't surprising, and the omissions suggest another Apple event may occur before the year's end, although this has yet to be confirmed and may not happen for a few weeks.

There are a lot of would-be Apple products that could make appearances in the coming weeks or months — but weren't shown at today's event.
New iPads

Read more
It’s official — Apple will announce the iPhone 15 on September 12
Invite for Apple's September 2023 event.

It's official. After months upon months of speculation, we now know when Apple will announce its latest batch of iPhones, Apple Watches, and more. On August 29, Apple sent out press invites for its latest event, which is set to take place on Tuesday, September 12, 2023.

The event invite shows the Apple logo at the top, stylized with what looks like grains of sand in gray, blue, and silvery colors. This is almost certainly a nod to the iPhone 15 Pro, which is heavily rumored to come in black, silver, gray, and dark blue colors this year. Below the Apple logo is similarly colored text that reads "Wonderlust."

Read more
Apple may face ‘severe’ iPhone 15 shortage over production issue, report says
The Apple logo on the iPhone 14 Pro Max.

Hoping to get your hands on an iPhone 15 Pro or iPhone 15 Pro Max when the new phones come out in the fall? Well, you may be in for a wait.

Apple is experiencing production issues caused by a new manufacturing process designed to significantly reduce the size of the bezel around the display, according to a report from The Information on Thursday.

Read more