Skip to main content

Apple acknowledges iCloud hacking in China, but says its servers are safe

apple icloud hack china header f
Image used with permission by copyright holder
Apple responded to concerns that its iCloud service was compromised following a widespread, man-in-the-middle (MITM) attack that is believed to have been sanctioned by the Chinese government.

First brought to light by GreatFire.org, the Chinese government is reportedly using the national firewall system (or the “Great Firewall of China,” as it’s colloquially known) to redirect iCloud users to spoofed pages. By fooling older browsers with phony certificates and hijacked addresses, the apparent intention is to compromise the credentials of unsuspecting visitors.

Recommended Videos

Related: Apple CEO promises new security measures after iCloud celebrity photo hack

The source of the attack is reportedly China Telecom, a company with ties to Chinese leadership. In August, Apple agreed to store local China iCloud data in China Telecom’s servers.

On Tuesday, Apple told CNBC that it was aware of “intermittent organized network attacks,” but that iCloud servers hadn’t been compromised. The company also said that iCloud sign-in on mobile and Macs running the latest version of OS X are not at risk.

Related: Hackers trick Apple into providing access to an iCloud account, chaos ensues

The same can’t be said for iCloud account holders who log in using outdated Internet browsers, which will not automatically warn of interception (newer distributions of Firefox and Chrome can alert of fake certificates). Users of those and other browsers can still get around the attack by using an unaffected IP address.

GreatFire.org speculates the attack is an attempt to circumvent security measures introduced with the iPhone 6 and 6 Plus, which went on sale in China last week.  It’s hardly the first instance of a hack orchestrated by the Chinese government, though. Yahoo was targeted earlier this month, and a MITM attack continues to affect Microsoft’s Outlook mail service.

The news comes after a slew of female celebrities saw their private photographs — often nude ones — made public after iCloud’s weak security was breached. Called “The Fappening,” the stolen photographs contains naked and semi-naked pictures and videos of more than 100 A-list celebrities, among them Oscar-winning actress Jennifer Lawrence, singer Rihanna, swimsuit model Kate Upton, and TV star Kim Kardashian. While some of the celebrities argue that the pictures are frauds, others  confirmed that the posted photos of themselves were indeed authentic.

To boost security, Apple CEO Tim Cook told the Wall Street Journal that customers would receive alerts via email and push notifications if another person attempts to perform actions such as change an account password, restore iCloud data to another device, or when a device logs in for the first time.

Kyle Wiggers
Former Digital Trends Contributor
Kyle Wiggers is a writer, Web designer, and podcaster with an acute interest in all things tech. When not reviewing gadgets…
I have the 2024 Apple Watch Pride band, and it’s stunning
2024 Pride Edition Braided Solo Loop showing lugs.

It’s June, which means it’s Pride Month. This takes place every year to honor the ongoing struggle for civil rights for the LGBTQ+ community, as well as the achievements of those LGBTQ+ individuals.

One of the things I look forward to each year for Pride Month is Apple’s release of the Apple Watch Pride Band. In 2016, Apple distributed exclusive Pride bands to its employees who participated in San Francisco’s Pride parade.

Read more
Apple apologizes for its controversial iPad Pro ad
Apple's ad for its refreshed iPad Pro tablet.

It may have seemed like a good idea at the time, but an ad by Apple for its thinnest-ever iPad has turned into a massive headache for the company.

The 68-second “Crush!” ad for the iPad Pro debuted with the unveiling of the new tablet on Tuesday. It shows a large number of objects such as musical instruments, books, and cans of paint being crushed by a hydraulic press in an apparent effort to demonstrate how it's packed a huge amount of creative potential into an ultra-slim digital device.

Read more
Apple made an outrageous change to its new iPads
An official photo of the 2024 iPad Air.

After a year-long drought of iPads, Apple finally revealed the new iPad Air and iPad Pro models during its Let Loose event on May 7. This was a unique announcement because it broke some old traditions; the iPad Air now comes in two sizes: an 11-inch and 13-inch, just like the iPad Pro. But these new iPads are also breaking another longtime tradition: They won’t come with iconic Apple stickers. Gasp.

According to 9to5Mac, Apple Store teams received a memo where Apple explained that the iconic Apple stickers won’t be included inside the boxes of the new iPad Air and iPad Pro. The reasoning? As part of Apple’s environmental goals, it is trying to ensure that its packaging is completely free of plastic.

Read more