Apple issues security warning for iCloud

By Silky Malhotra | Updated 22 Oct 2014
Apple issues security warning for iCloud
  • Apple online storage service iCloud attacked via vulnerable security certificates.

Apple has issues a new security warning to its iCloud online storage service users amid reports of a concerted effort to steal passwords and other data from people who use the popular service in China.

advertisements

According to reports, some Chinese internet users have begun seeing warnings that indicate they had been diverted to an unauthorized website when they attempted to sign into their iCloud accounts. Security experts call it a “man in the middle” attack, this allows a third party to copy and steal the passwords that users enter when they think they are signing into Apple’s service. The passwords can be used by hackers to collect other data from the users’ accounts. Source: iCloud may have been hacked by Chinese government

Apple declined to comment on the allegations but has updated its technical support page to provide advice on how to protect against such attacks. Apple’s post did not mention China or provide any details on the attacks. However, the post stated that Apple's own servers have not been compromised.

advertisements

Apple stated in a blog post on its support website, "We're aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously."

Apple warns that iCloud users should never enter their iCloud password if they get warnings about invalid digital certificates when visiting www.icloud.com. The blog post also mentions procedures which users can use to verify they are connected to Apple's legitimate site when using various browsers.

advertisements

Apple warned iCloud users, “If users get an invalid certificate warning in their browser while visiting www.icloud.com, they should pay attention to the warning and not proceed.”

Last month hackers had attacked iCloud accounts of celebrities and stolen photos. The tech giant stated after an investigation that the hackers had obtained the users’ passwords through “phishing attacks” or by guessing at the answers to security questions that allowed access. Apple stated that its servers were not breached in that case.

advertisements

Source: Apple

advertisements
Silky Malhotra
advertisements
ASK DIGIT

Recent Questions

best security software for laptop
CHRISTIANA JOHN
Sept 19, 2014
Responses 1
t ruth pushpalatha
Sept 24, 2014
Comments
Be the first one to post the comment
Post a New Comment
You must be signed in to post a comment
advertisements