iCloud.com seems to have been added to a group of websites and services, including Yahoo and Gmail, under attack in China. A new report indicates that users attempting to log in to iCloud.com from an insecure browser that trusts China's Certification Authority are having their credentials captured. Users visiting through more secure browsers like Safari, Chrome, and Firefox will be presented with a warning when they navigate to the site.
According to GreatFire.org:
This is clearly a malicious attack on Apple in an effort to gain access to usernames and passwords and consequently all data stored on iCloud such as iMessages, photos, contacts, etc. Unlike the recent attack on Google, this attack is nationwide and coincides with the launch today in China of the newest iPhone.
There are certain precautions you should take to avoid this attack. You can set up two-step verification for your iCloud account. You can also use more secure browsers, like Safari, Chrome, and Firefox. Additionally, and this is very important: follow the SSL/TLS security warnings when they are presented to you. If you suspect that your iCloud credentials have been compromised, then you should change your password immediately.
Again, the reported attack only affects users running insecure browsers that trust the Chinese Certification Authority. It will not impact Apple services directly, Apple's apps, or third-party apps that use proper validation. The attack also isn't aimed at Apple specifically, but at online services in general, of which iCloud is one.
It should be noted that the report of this attack comes from only a single source. Users should, as always, take any normal security precautions, including those listed above.
If you've seen or experienced any attacks of this nature, let us know in the comments!