Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Apple Sees iCloud Attacks; China Hack Reported

WASHINGTON – Apple said Tuesday its iCloud server has been the target of “intermittent” attacks, hours after a security blog said Chinese authorities had been trying to hack into the system.

WASHINGTON – Apple said Tuesday its iCloud server has been the target of “intermittent” attacks, hours after a security blog said Chinese authorities had been trying to hack into the system.

Apple did not specifically mention China, but posted a security bulletin citing the hack attempts, and indicating its cloud computing platform had not been breached.

“We’re aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously,” the statement said.

“These attacks don’t compromise iCloud servers, and they don’t impact iCloud sign in on iOS devices or Macs running OS X Yosemite using the Safari browser.”

Yosemite is the newest operating system for Mac computers and iOS is the platform for mobile devices such as iPhones and iPads.

Late Monday, the security website GreatFire.org which monitors online censorship in China claimed that “Chinese authorities” had launched the attacks on Apple’s iCloud.

“This is clearly a malicious attack on Apple in an effort to gain access to usernames and passwords and consequently all data stored on iCloud such as iMessages, photos, contacts, etc.,” according to the blog, which said it appeared to coincide with the launch in China of the newest iPhone.

“While the attacks on Google and Yahoo enabled the authorities to snoop on what information Chinese were accessing on those two platforms, the Apple attack is different,” GreatFire said.

“Many Apple customers use iCloud to store their personal information, including iMessages, photos and contacts. This may also somehow be related again to images and videos of the Hong Kong protests being shared on the mainland.”

The news comes just weeks after a widely publicized incident which allowed hackers to access and post nude pictures of celebrities including Jennifer Lawrence from their iCloud accounts.

Apple maintained that some celebrity accounts were compromised in a “targeted attack” to gain passwords, but that it found no breach of the iCloud or other Apple systems.

In its latest statement, Apple said its users were safe if they relied on its software, but also cautioned against ignoring security warnings.

“If you’re connecting to a website that isn’t secure, you’ll see a message that says ‘Safari can’t verify the identity of the website.'” Apple said. “If you see this message, don’t proceed or attempt to sign in.” 

Written By

AFP 2023

Click to comment

Expert Insights

Related Content

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

The FBI dismantled the network of the prolific Hive ransomware gang and seized infrastructure in Los Angeles that was used for the operation.

Cybercrime

A new study by McAfee and the Center for Strategic and International Studies (CSIS) named a staggering figure as the true annual cost of...

Cybercrime

Video games developer Riot Games says source code was stolen from its development environment in a ransomware attack

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.