Casa > cibernético Notícias > China Connection to iCloud With Redirection to Bogus Log-In Page

China Connection para iCloud com o redirecionamento para Bogus Log-In Page

Pessoas que estavam tentando acessar o serviço iCloud da China foram recentemente tendo problemas. Eles foram bloqueados e sua conexão foi foi direcionado para uma página de phishing que coleta as credenciais do usuário. The IT security specialists are figuring out ways in which to stop this nationwide cyber-attack.

Timing of the Attack
The China censorship watchdog group Great Fire informed that the attack has been launched by the Chinese government, aiming to compromise the information that is stored on the iCloud storage by Apple from the Chinese citizens.

The incident coincided with the launching of iPhone 6, the latest model of iPhone. The device is synchronizing the content from the iCloud to the new phone.

False Digital Certificate Used

According to the Great Fire group that tracks the censorship in China, the cyber criminals have used fake digital certificate in the attack. The report that the group issued, states that Google Chrome and Mozilla Firefox users will receive a warning concerning the landing on a location that is potentially harmful and the access to the phishing page is blocked. In case these users choose to ignore the alert, then they get automatic load of a bogus log-in page.

When the users enter their iCloud credentials and press the button for sign-in, they immediately sent their username and password to a location that is controlled by the attackers. In some cases when the users try to enter the most popular Chinese web browser Qihoo, those who try to access the iCloud are directed to the phishing page with no warning at all.

The malware specialists confirm this attack is known as man-in-the-middle and that it relies to the usage of non-trusted certificate, used at the beginning of October for iCloud. This Apple-directed malicious attack aims to collect usernames and passwords and thus get access to the data stored on the iCloud, including messages, Contatos, fotos, etc.

Stay away from the arrack
The users should know that not all iCloud users in China are targeted in the attack. The Great Fire anti-censorship team reported that victims of the attack are only the IP addresses, where the domain name server of iCloud may return different IPs than the ones used before.

There are measures that the users can take in order to prevent the cyber criminals from getting access to their iCloud accounts. They can use a secure route connection, for example a virtual private network. This will eliminate the risk from direction to a fraudulent page and will ensure that the log-in information will be sent outside China.

Another secure method is the usage of two-way authentication, which requires an additional code and a password proof to get access to the account.Icloud-china


Berta Bilbao

Berta é um pesquisador de malware dedicado, sonhando para um espaço cibernético mais seguro. Seu fascínio com a segurança de TI começou há alguns anos atrás, quando um malware bloqueado la fora de seu próprio computador.

mais Posts

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

Compartilhar no Facebook Compartilhar
Compartilhar no Twitter chilrear
Compartilhar no Google Plus Compartilhar
Partilhar no Linkedin Compartilhar
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Partilhar no StumbleUpon Compartilhar