Microsoft's Outlook.com faces brief man-in-the-middle attack in China
Microsoft’s Outlook.com briefly faced a “man-in-the-middle” attack in China, according to a watchdog group, following similar eavesdropping attempts against Apple and Yahoo last year.
The group, GreatFire.org, noticed the attack against Outlook on Saturday for users attempting to visit the service through mobile and desktop email clients.
Accessing the service, prompted users to see warning messages, stemming from the service failing to return a trusted digital certificate, according to GreatFire.org.
Man-in-the-middle attacks work by trying to eavesdrop on the user’s communications. This is typically done when a hacker impersonates a service the user is hoping to visit in an attempt to intercept the victim’s login and password information.
In the case of the Outlook attack, tests showed that access to the Microsoft email service had likely been tampered with, GreatFire.org reported.
On Tuesday, Microsoft confirmed that the disruption took place. “We are aware of a small number of customers impacted by malicious routing to a server impersonating Outlook.com,” it said in an email. “If a customer sees a certificate warning, they should contact their service provider for assistance.”
Last October, Apple faced a man-in-the-middle attack in China against its iCloud service, and weeks before Yahoo had faced a similar issue in the country.
GreatFire.org claims these attacks could be a sign that the Chinese government is trying to monitor the communications of its citizenry. The country is already notorious for its online censorship, which has resulted in the blocking of foreign Internet services in the country, including those from Google, Facebook and Twitter.
Last year, China also cut access to mobile apps including messaging service Line and photo-sharing product Instagram.
China, however, has repeatedly denies it carries out any hacking attacks. The disruption to Microsoft’s Outlook.com only lasted a day, according to GreatFire.org.