Outlook.com hacked in China following Gmail block

Following the ban on Gmail imposed by China on Dec 26 2014, it seemed the government services also attacked Outlook.com. Though the web interface was not affected with the hack, all email clients were unable to access Outlook via SMTP, IMAP and POP servers.

Image: GreatFire.org

Image: GreatFire.org

The online censorship center Greatfire.org says it has reasons to believe that the Chinese governmental organization named Cyberspace Administration of China (CAC) was behind the hacking of Outlook.com over the weekend. On Monday Jan 19, 2015, the people at Greatfire probing the hack were still not able to access Outlook.com using different email clients. The clients on even mobile devices such as iOS and Android were also not able to login and fetch or send messages.

It is supposed to be a Man in The Middle (MITM) attack according to Greatfire.org. When tried to access via any email client, the users got a popup message saying unable to verify server identity. It then gave them three options: Cancel, Detail and Continue. In most of the cases, people simply click Continue without thinking twice. This may lead to dubious sites. You might be aware that previously, China had seen hacking and denial of service from Yahoo and other communications services.

According to the Greatfire.org, the online censorship watchdog, China is trying to crack down on communication services that it cannot monitor consistently. China is known for its high censorship of different communication services and the whole thing is named The Great Firewall Mechanism of China. At the time of writing this article, services were resumed for the time being. It remains to be seen if China goes ahead and blocks Microsoft Outlook as well because monitoring the whole system would prove very tedious task.

Following this Man in the Middle Attack, Greatfire says that the China Internet Network Information Center (CNNIC), which is the parent body of Cyberspace Administration of China, should not be trusted and as such, Microsoft, Apple and other vendors should revoke the trust certificates issued by the organization.

Posted by with Tags
Arun Kumar is obsessed with technology, especially the Internet. He deals with the multimedia content needs of training and corporate houses. He also offers online training for Business English. Follow him on Twitter @PowercutIN