After the recent incidence of leak of private photos including the nude images of celebrities from tech giant Apple’s iCloud, the online storage service is facing another security threat.
Apple has posted a new security warning for users of its iCloud service following reports of an intensive effort by group of hackers to steal passwords and other user information from users mainly in China.
“We are aware of intermittent organized network attacks using insecure certificates to obtain user information, and we take this very seriously,” Apple said in a post on its official support website on Tuesday.
According to the Apple’s post, the own servers of the computer maker have not been compromised.
The California-based company has not made any post specifying any details of cyber attacks in China particularly. But several media outlets reported on Tuesday that some Chinese internet users have started witnessing warnings indicating diversion to an unauthorized website while they attempted to sign into their iCloud accounts.
The computer security experts term such kind of diversion to “man in the middle” attack.
During such cyber attacks, a third party gets access to the user info, which allow them to steal the passwords when the users enter while attempting to sign into Apple’s service. Further, the hackers easily get access to other user account data using the password.
Meanwhile, Apple has said in its post that the cyber attacks have so far not affected any of its users who have attempted to sign into its iCloud service from iPhones or iPads and also on Mac computers using the Safari browser or Mac operating system.
The company has, however, recommended the users to access the security features provided with the Safari and other browsers like Firefox or Google’s Chrome in order to verify that they are connecting to a genuine iCloud server. When the users will access these security features, a message will appear on the web browser warning them before they are connecting to an unauthorized site having no digital certificate verifying its authenticity.
“If users get an invalid certificate warning in their browser while visiting www.icloud.com , they should pay attention to the warning and not proceed,” Apple said in the post.
Insiders have, however, denied any link between the last month’s cyber attack with this latest one.