Skip to main content

Apple acknowledges iCloud hacking in China, but says its servers are safe

apple icloud hack china header f
Apple responded to concerns that its iCloud service was compromised following a widespread, man-in-the-middle (MITM) attack that is believed to have been sanctioned by the Chinese government.

First brought to light by GreatFire.org, the Chinese government is reportedly using the national firewall system (or the “Great Firewall of China,” as it’s colloquially known) to redirect iCloud users to spoofed pages. By fooling older browsers with phony certificates and hijacked addresses, the apparent intention is to compromise the credentials of unsuspecting visitors.

Related Videos

Related: Apple CEO promises new security measures after iCloud celebrity photo hack

The source of the attack is reportedly China Telecom, a company with ties to Chinese leadership. In August, Apple agreed to store local China iCloud data in China Telecom’s servers.

On Tuesday, Apple told CNBC that it was aware of “intermittent organized network attacks,” but that iCloud servers hadn’t been compromised. The company also said that iCloud sign-in on mobile and Macs running the latest version of OS X are not at risk.

Related: Hackers trick Apple into providing access to an iCloud account, chaos ensues

The same can’t be said for iCloud account holders who log in using outdated Internet browsers, which will not automatically warn of interception (newer distributions of Firefox and Chrome can alert of fake certificates). Users of those and other browsers can still get around the attack by using an unaffected IP address.

GreatFire.org speculates the attack is an attempt to circumvent security measures introduced with the iPhone 6 and 6 Plus, which went on sale in China last week.  It’s hardly the first instance of a hack orchestrated by the Chinese government, though. Yahoo was targeted earlier this month, and a MITM attack continues to affect Microsoft’s Outlook mail service.

The news comes after a slew of female celebrities saw their private photographs — often nude ones — made public after iCloud’s weak security was breached. Called “The Fappening,” the stolen photographs contains naked and semi-naked pictures and videos of more than 100 A-list celebrities, among them Oscar-winning actress Jennifer Lawrence, singer Rihanna, swimsuit model Kate Upton, and TV star Kim Kardashian. While some of the celebrities argue that the pictures are frauds, others  confirmed that the posted photos of themselves were indeed authentic.

To boost security, Apple CEO Tim Cook told the Wall Street Journal that customers would receive alerts via email and push notifications if another person attempts to perform actions such as change an account password, restore iCloud data to another device, or when a device logs in for the first time.

Editors' Recommendations

It’s official: Apple is required to make a USB-C iPhone by 2024
Brand new USB-C type to Lightning fast charging cable of with iPhone 11 Pro Max

The European Parliament today approved a regulation that would mandate a common charger for all electronics sold in the bloc in a bid to reduce e-waste. These include smartphones and tablets. While most smartphones and tablets currently sold in the EU do use USB-C, one particular holdout has been Apple. With this new rule, the next iPhone (or the one after that) will have to ditch Lightning for USB-C, bringing it in line with the iPad Pro and Macbook lines.

While the law only applies in Europe, Apple would have to either design an iPhone specifically for Europe or adopt USB-C worldwide. It's easy to see which path the company's picking, especially with American and Indian politicians making similar legislative noises.

Read more
Every product Apple skipped at its iPhone 14 event today
Tim Cook during an Apple presentation on a grass field.

Apple's annual iPhone event is over, and it resulted in some significant announcements, including the entire line of iPhone 14 devices, the new Apple Watch Ultra, and the second-gen AirPods Pro.

Outside the interesting new features of the iPhone 14 Pro, the iPhone 14 event was fairly low on surprises. That may have left some people disappointed, especially if they were hoping for a specific product to get announced. But don't worry, there's still an Apple event rumored for later this year that could include many of the product left on the cutting-room floor.
iPad (10th-gen)

Read more
Apple confirms iPadOS 16 is delayed because it’s a hot mess in beta
An iPad using Stage Manager in iPadOS 16.

Apple has confirmed that the highly-anticipated iPadOS 16 update is delayed and will be rolled out widely later than the usual rollout cadence of major OS updates in the fall season. In a statement shared with TechCrunch, Apple notes that the public version of its tablet operating system will directly jump to the iPadOS 16.1 build (instead of starting with a stable iPadOS 16 update) and will be released after iOS 16.

Apple doesn’t explicitly mention why the update has been delayed, but it appears that the sheer scope of major changes and the well-publicized issues with the early beta versions are to blame. “This is an especially big year for iPadOS. As its own platform with features specifically designed for iPad, we have the flexibility to deliver iPadOS on its own schedule,” Apple said in a statement.

Read more