Chinese Apple users are facing a wave of cyberattacks — not from cybercriminals, but from their own government.
That’s according to GreatFire.org, a non-profit that tracks Beijing’s online censorship efforts. The site says Chinese authorities are staging a so-called “man-in-the-middle” attack in iCloud, intercepting the log-in credentials of Chinese Internet users when they attempt to access the site through certain browsers.
“This is clearly a malicious attack on Apple in an effort to gain access to usernames and passwords and consequently all data stored on iCloud such as iMessages, photos, contacts, etc,” GreatFire said.
The alleged attack coincides with the launch in China of the new iPhone 6 and 6 Plus.
The Chinese government has previously staged similar attacks on Google (GOOGL,Tech30) and Yahoo (YHOO, Tech30) users, GreatFire said. But in those cases, the site added, the authorities gained the ability only to see what content users were accessing, not their passwords.
Chinese Internet users can counteract the problem by using secure Web browsers like Chrome and Firefox, and by enabling two-factor authentication on their iCloud accounts.