Menu
Menu
Microsoft's Outlook.com faces brief man-in-the-middle attack in China

Microsoft's Outlook.com faces brief man-in-the-middle attack in China

Apple and Yahoo faced similar attacks in the country last year

Microsoft's Outlook.com briefly faced a "man-in-the-middle" attack in China, according to a watchdog group, following similar eavesdropping attempts against Apple and Yahoo last year.

The group, GreatFire.org, noticed the attack against Outlook on Saturday for users attempting to visit the service through mobile and desktop email clients.

Accessing the service, prompted users to see warning messages, stemming from the service failing to return a trusted digital certificate, according to GreatFire.org.

Man-in-the-middle attacks work by trying to eavesdrop on the user's communications. This is typically done when a hacker impersonates a service the user is hoping to visit in an attempt to intercept the victim's login and password information.

In the case of the Outlook attack, tests showed that access to the Microsoft email service had likely been tampered with, GreatFire.org reported.

On Tuesday, Microsoft confirmed that the disruption took place. "We are aware of a small number of customers impacted by malicious routing to a server impersonating Outlook.com," it said in an email. "If a customer sees a certificate warning, they should contact their service provider for assistance."

Last October, Apple faced a man-in-the-middle attack in China against its iCloud service, and weeks before Yahoo had faced a similar issue in the country.

GreatFire.org claims these attacks could be a sign that the Chinese government is trying to monitor the communications of its citizenry. The country is already notorious for its online censorship, which has resulted in the blocking of foreign Internet services in the country, including those from Google, Facebook and Twitter.

Last year, China also cut access to mobile apps including messaging service Line and photo-sharing product Instagram.

China, however, has repeatedly denies it carries out any hacking attacks. The disruption to Microsoft's Outlook.com only lasted a day, according to GreatFire.org.

Join the CIO New Zealand group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Join the CIO New Zealand newsletter!

Error: Please check your email address.

Tags Internet-based applications and servicesMicrosoftsecurityMailinternet

More about AppleFacebookGoogleMicrosoftYahoo

Show Comments