China spies on iCloud users: The Chinese government is supposed to tap iCloud data with a man-in-the-middle attack (MITM). Greatfire.org’s censorship experts have published a report on the detection of the espionage attempt by China.
The Chinese authorities will use the MITM attack to redirect iCloud users to a fake website. China not only wants to spy on information about users, but also to pick up users and passwords to get access to iMessages, photos and contacts in the iCloud.
As soon as users log on to icloud.com with the government-sponsored 360 Secure Browser, the user data and passwords are undetected using the fake page.
Firefox and Google warn against the fake certificate. However, if users ignore the warning and continue clicking, the iCloud credentials are also passed to the authorities.
The recently introduced two-factor authentication could counteract this. However, the new feature is disabled by default. This means that iCloud users will have to activate them manually and have to log into their iCloud account.
It is still not clear whether the MITM attack is related to the demonstrations in Hong Kong or the launch of the new iPhone-6 models. According to Geaktime, it is a reference to the conflict between China and Apple and concern the features of the new iPhone-6 models.
ICloud # 存档 伪造 证书 下载 下载: http://t.co/iqGasmynMx pic.twitter.com/FHFAA1AKR2
No comments:
Post a Comment