New iPhone owners in China have apparently been subjected to a dedicated man-in-the-middle (MITM) attack from their own government. Users have been reporting that all connections to iCloud.com are currently being blocked by the Great Firewall of China and redirected to a dummy site that requests their login credentials. A similar attack is also being directed at Microsoft’s Login.live.com gateway.
Greatfire.org speculates that the most recent attack is related to Apple’s new encryption protocols that were implemented with iOS 8.1. The measure was originally implemented to prevent the American NSA from spying on US citizens, but is now also apparently preventing the Chinese government from doing the same to its own citizens. The website notes that Apple has traditionally caved to pressure from the Chinese, but there is apparently some disagreement at play here.
Those currently in China or planning to travel there are advised to use secure browsers and two-stage authentication to reduce the risk of falling prey to the MITM attacks and phishing attempts. Both Google Chrome and Firefox are currently known to prevent users from being redirected to the dummy sites.