Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×
China Cloud Microsoft Security The Internet Apple

China Staging a Nationwide Attack On iCloud and Microsoft Accounts 109

New submitter DemonOnIce writes: According to The Verge and an original report from the site that monitor's China's Great Firewall activity, China is conducting a large-scale attack on iCloud and Microsoft accounts using its government firewall software. Chinese users may be facing an unpleasant surprise as they are directed to a dummy site designed to look like an Apple login page (or a Microsoft one, as appropriate).
This discussion has been archived. No new comments can be posted.

China Staging a Nationwide Attack On iCloud and Microsoft Accounts

Comments Filter:
  • Gotta suck to live in China. Er, wait...
  • by Rosyna ( 80334 ) on Monday October 20, 2014 @07:14PM (#48190911) Homepage

    If you use Firefox, Safari, Chrome, or IE in China, they will all warn you that MiTM attack has occurred (if you trying going to https://icloud.com./ [icloud.com.] But the most popular browser used in China (according to Qihoo, the claim is dubious), Qihoo’s Chinese 360 "Secure Browser" [360.cn]. will allow Man in the middle attacks to occur, by design.

    • by Rosyna ( 80334 )

      Forgot to mention that enabling 2FA in China may be useless if they can also intercept the messages and do a replay attack.

    • Re: (Score:2, Informative)

      Don't be naive. It's so easy to do it without warning. I can tell you at least 3 different methods of doing that. Remember, it's not just a single hacker, but government that controls whole traffic, that can impersonate not only any domain but any ip they want, they control BGP.
  • Are the Chinese officials trying to score some celebrity porn?
    • Re:Why? (Score:4, Insightful)

      by gandhi_2 ( 1108023 ) on Monday October 20, 2014 @07:25PM (#48190995) Homepage

      It's almost like they are a... communist country.

      • by Anonymous Coward

        China hasn't been Communist for 30+ years, just like how the DPRK isn't a democacy.

      • Re:Why? (Score:5, Insightful)

        by Jeremi ( 14640 ) on Monday October 20, 2014 @07:59PM (#48191285) Homepage

        It's almost like they are a... communist country.

        Right -- only a communist country would attempt such shenanigans. Western democracies are totally above that sort of misbehavior. ;^)

        • Re: Why? (Score:5, Interesting)

          by Anonymous Coward on Monday October 20, 2014 @10:25PM (#48192069)

          Posting AC. I provide IT support for a chinese company based in the US. They wanted an American firewall and anti-virus suite. One of the employees insist on using some security 360 shit that's very chatty on the network. I blocked its net-block range and shortly he complained and wanted it fixed ASAP. I strongly suspect he's a CCP mole. Fuck him, he can suffer with the software approved by corporate.

      • by Anonymous Coward

        It's almost like they are a... communist country.

        What does that have anything to do with anything? Their economic policies are hardly relevant.

        They're a dictatorship, that's their political model and why they get away with this.

        • Re: (Score:3, Insightful)

          Well, close. I wouldn't technically call it a dictatorship because the power is spread out around various people and groups, including the Standing Committee, former members of the Standing Committee and the military. But you're on the right track. 1) China is communist only in name. 2) Even if they were fully communist, that's an economic system, not a political one per se. The word that you and the grandparent poster is looking for is 'authoritarian.' BTW I lived in China for three and a half years and I
      • Re:Why? (Score:4, Interesting)

        by Earthquake Retrofit ( 1372207 ) on Monday October 20, 2014 @09:59PM (#48191953) Journal
        The BBC reported today: "The Beijing-appointed leader of Hong Kong, Leung Chun-ying, said Monday evening that it was unacceptable to allow his successors to be chosen in open elections, in part because doing so would risk giving poorer residents a dominant voice in politics... he backed Beijing’s position that all candidates to succeed him as chief executive, the top post in the city, must be screened by a “broadly representative” nominating committee appointed by Beijing. That screening, he said, would insulate candidates from popular pressure to create a welfare state, and would allow the city government to follow more business-friendly policies to address economic inequality instead."

        Whatever it is, it doesn't sound like communism to me.

        • Communism went bankrupt a long time ago. All that's left is the brand name.

        • by Anonymous Coward

          "Fascism may be defined as the merger of corporations and state." - Il Duce

        • Re:Why? (Score:4, Insightful)

          by XxtraLarGe ( 551297 ) on Tuesday October 21, 2014 @08:44AM (#48194389) Journal

          The BBC reported today: "The Beijing-appointed leader of Hong Kong, Leung Chun-ying, said Monday evening that it was unacceptable to allow his successors to be chosen in open elections, in part because doing so would risk giving poorer residents a dominant voice in politics... he backed Beijingâ(TM)s position that all candidates to succeed him as chief executive, the top post in the city, must be screened by a âoebroadly representativeâ nominating committee appointed by Beijing. That screening, he said, would insulate candidates from popular pressure to create a welfare state, and would allow the city government to follow more business-friendly policies to address economic inequality instead."
          Whatever it is, it doesn't sound like communism to me.

          It's probably better described as fascism [wikipedia.org], but there has never been a place on earth where communism in practice resembled communism in theory. It's not possible to ever implement it, because the power hungry use it as a method for personal enrichment. As Lord Acton said "Power tends to corrupt. Absolute power corrupts absolutely. Great men are almost always bad men."

        • because doing so would risk giving poorer residents a dominant voice in politics..

          That sounds a lot like... Texas?

        • Their honesty is refreshing.

      • Re: (Score:2, Insightful)

        by peragrin ( 659227 )

        So how many times has the NSA done the same thing? oh that's right the NSA merely forces Cisco to install hardware that lets them monitor such connections.

        The NSA has done far far worse to Americans, let alone everyone else in the world. China at least primarily limits it's attempts to it's own citizens.

    • Re:Why? (Score:5, Insightful)

      by Anonymous Psychopath ( 18031 ) on Monday October 20, 2014 @07:26PM (#48190999) Homepage

      Are the Chinese officials trying to score some celebrity porn?

      It's possibly related to the protests in Hong Kong and the government's desire to identify the leaders/participants.

      • Are the Chinese officials trying to score some celebrity porn?

        It's possibly related to the protests in Hong Kong and the government's desire to identify the leaders/participants.

        Or any other type of dissident or protester they can collect dirt on.

        Like the NSA or any other spy agency, if they can scoop up any private data, they are going to want it.

    • by Anonymous Coward

      > Are the Chinese officials trying to score some celebrity porn?

      Probably because of the Hong King protests. Despite how we view China from the outside, the leadership there considers themselves to be very vulnerable. To the point of paranoia sometimes. China does have a history of local uprisings getting "out of hand" and toppling governments. Plus authoritarianism is inherently unstable. So maybe they are on to something.

      Whatever the legitimacy of their fears, they are probably looking for signs of

      • Re: Why? (Score:5, Interesting)

        by antifoidulus ( 807088 ) on Monday October 20, 2014 @07:37PM (#48191103) Homepage Journal
        It's only going to get worse as the chinese economy stagnates. I've been saying this for years, but people are finally starting to realize that China copied the post-war Japanese model right down to the bad loans, today's China is pretty much where Japan was in 1988, barreling towards the cliff. The difference between the 2 countries is the government though. Outside of the economy the CCP has been deeply unpopular for years. However there was little unrest since the economy was booming. However what will happen when growth slows is much more unclear. Hong Kong like protests against the government would probably be the best case. More likely is large scale riots as unemployment coupled with a large # of men being unable to find a wife is a recipe for disaster. The CCP knows they are living on borrowed time and are going to do everything in their power, including perhaps returning to the days of the cultural revolution if it finds it necessary. In the short term expect spying incidents like this to become the norm.
        • by Anonymous Coward

          China moved from a per capita of few hundreds of dollars per year, to several thousands per year. Today's technology, permits a few tens of thousands per year income for many industrialized nations. That is about where Japan maxed out at. Even if income in Japan has stagnated for the last couple of decades, it stagnated in a good place, and things could definitely be worse. Naysayers be damned, China is going to keep on growing. China might stop at Russia's per capita income, but that's not too bad.

        • The CCP knows they are living on borrowed time and are going to do everything in their power, including perhaps returning to the days of the cultural revolution if it finds it necessary.

          The CCP uses fear of the cultural revolution as a way to stay in power. That's what all the talk about 'Harmony' means. Not many people in China want to go back to that. They understand it made no sense to have red stoplights mean go,for example.

  • I wonder if this will make companies like Microsoft and Apple rethink their ties to China.

    • I wonder if this will make companies like Microsoft and Apple rethink their ties to China.

      That's quite an optimistic attitude you've got there.

    • And lose 1.36BN potential customers?

      • Only a small fraction of that buy Apple or Microsoft products.

        • by dk20 ( 914954 )

          Only a small fraction of that buy Apple or Microsoft products.
          Citation? You have data backing up the statement?

          Looking at it another way, lets say just 10% of Chinese buy Apple products, that would work out to 136,704,000 customers

          Are you aware that Companies like GM actually sell more cars in China then any other market?

        • China is a massive market, even a small fraction of the market is bigger than most other countries. 1% is still 13.6 million customers and I would happily bet they have far more than a 1% share.

          • If you count HK, China makes up a significant percentage of customers. If you don't count HK, not so much. Apple and Microsoft make products that are very costly with respect to Chinese wage scales.

            • You are clinging to the past. China has a large and rapidly growing middle class as well as a strong wealthy segment. As to the HK comment, that is just moronic, HK population in its entirety doesn't even equal 1/5th of chinas population that earns over 200k a year.

  • What, they haven't found a subtle and quiet way to sneak in like the N-S-A does?

  • by gurnec ( 1011007 ) on Monday October 20, 2014 @09:55PM (#48191917)

    Just an FYI... I've no reason to disbelieve the story, but it would be simple to fake the evidence presented...

    I also wonder why the hotmail.com certificate was mistakenly created for the hotmai.com domain [googleusercontent.com]... that seems rather amateurish for a nation state. (Of course, perhaps plausible deniability is the reason.)

    Regardless of whether or not it's fake, it does serve to point out the intentional flaws of Qihoo’s Chinese 360 "Secure Browser" pointed out by Rosyna above -- certainly a good thing to publicize.

    • I don't see a mistakenly created certificate. It looks like it is legitimately for hotmai.com

      Which seems to be owned by microsoft and exists to redirect people who are not cautious about typing domains to the intended destination.

      Taking over the DNS redirects and serving hotmail-looking content is a good way to catch a few people, if that's your game.

      Or another way - if Microsoft is catching typos, why would a nation state be amateurish for doing the same thing?

      • by gurnec ( 1011007 )

        I don't see a mistakenly created certificate. It looks like it is legitimately for hotmai.com
        ...
        Or another way - if Microsoft is catching typos, why would a nation state be amateurish for doing the same thing?

        Microsoft isn't doing the same thing, though. You're right that the (real) hotmai.com site does redirect to outlook.com, however it doesn't have a certificate, nor does it even have https enabled.

        Furthermore, the packet capture shows that whoever created it was trying to visit "login.live.com" (it's in the SNI field of the SSL Client Hello message), and so the server should have responded with a cert for that domain, not for hotmail.com nor hotmai.com.

        I'll stick by my interpretation that this was amateurish

        • I stand by my interpretation that once you type the domain, and verify a few certificates, you don't care.

          You, specifically, are not "you", the collective.

          Even an amateurish attack will be successful from time to time.

          If a nation state tries to intercept the easy, hard, and next-to-impossible data, is it still amateurish? Defend.

    • by Clsid ( 564627 )

      I have reason to disbelieve this story. I have been soing tests and no matter where I connect I still get the legitimate sites. I think this is like some sort of anti-Communist hysteria or something.

  • I think what those guys experienced would be related to an ISP. I'm in China and traveling at the moment, so I can tell you that I'm still getting to the legit sites either using airport wifi, hotel wifi or a residential ISP.

    There is interference with the internet, no doubt about that, especially since the Hong Kong protests, when they took down the whole BBC website. But unless I see it reported from a reputable source I will call this bs, since I have never been able to verify their claims in previous occ

    • by ruir ( 2709173 )
      Probably they implemented common standard corporate technology nationwide that has its own certs to intercept SSL traffic. I doubt they are targeting known sites to capture passwords.
  • This has been going on for maybe a month -- but glad someone has logged/traced/pointed it out.. at least for hotmail.com. It's not consistent - but it has happened to me maybe 10 or 15 times in the last month. Typically it's perfectly fine.

  • I wonder if Apple will complain to the world trade commission regarding the self-signed www.icloud.com certificate. This is a purposeful violation of Apple's trademark.

You're not Dave. Who are you?

Working...