Microsoft Corporation (MSFT): MS Outlook faces hack in China
A Chinese censorship monitoring organization called GreatFire.Org reports that Microsoft Corporation (NASDAQ:MSFT)’s Outlook online service has been hacked in China. The hackers performed the “man-in-the-middle attack” in which they can place themselves in between the online communications of the victims to receive, read and sent messages.
GreatFire mentions that the attack had only affected the IMAP and SMTP protocols of the service, but Outlook.com and logins from Live.com web interfaces weren’t breached. It’s also believed that the attack lasted for a day. GreatFire says that during the attack, users were warned of the existence of unknown servers. The warnings came from internet browsers of smartphones and computers such as the iPhone browser with the warning “Cannot Verify Server Identity, Continue or Cancel?”, or the FireFox browser with “that someone is trying to impersonate the site, and you shouldn’t continue.”
Users would normally click the continue button, unaware of the hacker being able to sniff their exchanged messages and data. GreatFire believes that the self-signed web certificates issued during the attack are from the China Internet Network Information Center (CNNIC) which is also suspected to be a part of previous man-in-the-middle attacks in China. GreatFire.org says that “Given the dangerous nature of this attack on Outlook, we again strongly encourage organizations, including Microsoft and Apple, to immediately revoke trust for the CNNIC certificate authority.”
CNNIC is governed by the Cyberspace Administration of China, and GreatFire strongly believes that they have deliberately performed the attack, and that Chinese authorities are currently trying to crack down encrypted services to read private messages. Microsoft Outlook wasn’t the only victim of these attacks. Previously, Google, Yahoo and Apple services were affected as well, with Google’s GMail service was shut down in China last month. There were reports that the Google service was partially restored in China.
Latest posts by James Vrionis (see all)
- Barron’s talks Apple Inc. “problem” — What is it? - April 18, 2015 02:37 PM PST
- American International Group Inc (AIG) Reprices AG Select-a-Term Nationally; Launches in NY - February 9, 2015 08:41 AM PST
- Google Inc teams with WePay to enable Google Wallet - January 28, 2015 09:25 AM PST