AdaptiveMobile, which specializes in mobile network security, claims that continued spam is being sent from North American iCloud users’ accounts, resulting in these accounts being used to send “hundreds of thousands” of spam SMS messages to China. The company is also reporting a broadening of attacks, with the initial messages offering counterfeit luxury goods now expanding to promote gambling sites.
AdaptiveMobile issued a report in September showing how attackers were using compromised North American iCloud accounts to send SMS spam from iPhones attached to the accounts. Today, the Company issued new data showing that the number of affected iPhones has risen to more than 11,500 phone numbers since measuring began; these affected iPhones have sent more than 750,000 SMS messages in the last four months. The data says there’s been a rise in both the number of devices per day affected, as well as spam sent, signifying an ongoing campaign to obtain and use compromised iCloud accounts.
Once attackers have access to the iCloud account, the iPhone associated with that account becomes vulnerable to being used to send large amounts of iMessage spam to Chinese iPhone users, according to Cathal Mc Daid, chief intelligence officer at AdaptiveMobile. Due to Apple’s “Send as SMS” feature, if the spam recipient in China is not available to receive an iMessage, then the iPhone sender will automatically send the iMessage as a SMS instead. This means that in addition to running the risk of having their phone’s activity limited due to the large amount of spam being sent, victims run the risk of incurring charges to their accounts for all the SMS spam they send to China without their knowledge.
“It is probable that attackers access people’s iCloud accounts through known forms of social engineering,” says Mc Daid. “What concerns us is the fact that people whose accounts have been compromised could potentially be billed hundreds or thousands of dollars after the attack has taken place. Apple users who notice large number of messages being sent to China from their iPhone should change their password and contact Apple for further assistance.”
AdaptiveMobile encourages any iCloud user who thinks they may have been affected to check their accounts by first logging in and unlinking any devices you don’t recognize. Users should then immediately change their passwords and set up two-step verification.