SAN FRANCISCO (Reuters) - Apple Inc’s iCloud storage and backup service in China was attacked by hackers trying to steal user credentials and other information, a cybersecurity blog charged on Monday, saying it believes the country’s government is behind the campaign.
Unknown “Chinese authorities” interposed their own website between users and Apple’s iCloud, intercepting instructions and messages while the user believes he or she is communicating directly with Apple’s site, Greatfire.org wrote in its blog post.
The attack coincided with the start of iPhone 6 sales in China on Friday, the blog said.
“This is clearly a malicious attack on Apple in an effort to gain access to usernames and passwords and consequently all data stored on iCloud such as iMessages, photos, contacts, etc,” the security blog said.
It was unclear whether the hackers were still active. Apple did not have an immediate comment when contacted.
“All the evidence I’ve seen would support that this is a real attack. The Chinese government is directly attacking Chinese users of Apple’s products,” said Mikko Hypponnen, chief research officer at security software developer F-Secure. “As always, we recommend using the Internet over a trusted virtual private network.”
Greatfire.org said without elaborating that the attacks were similar to others against Google Inc and Yahoo Inc.
The United States and Western companies have accused Chinese-backed hackers of infiltrating government and corporate websites and services. But Beijing has repeatedly denied its involvement in such attacks.
The Chinese embassy was not immediately available for comment.
Reporting by San Francisco newsroom. Editing by Andre Grenon