Apple IDare the favorite target of hackers, especially Asian ones, and a recent phishing attack targeting Apple IDs also exploited over 100 other websites. Those from Trend Micro they discovered a phishing attack that took place by sending emails to Americans, the email appearing to come from Apple, but in reality directing users to the hackers' server. By accessing a link embedded in the email, users were asked to log in, provide confidential information, all of which allowed hackers to take control of their Apple IDs.
We've identified a total of 110 compromised sites, all of them hosted at the IP address 70.86.13.17, which is registered to an ISP in the Houston area. Almost all of these sites have not been cleaned. We've seen attacks targeting not only American users, but also British and French users. Some versions of this attack ask not only for the user's Apple ID login credentials, but also their billing address and other personal and credit card information. It will eventually result in a page that states that access has been restored, but of course the information has been stolen.
The over 100 websites compromised by the hackers were used for the entire attack, the emails being sent through them to the users. It is very likely that many people have fallen into the hackers' trap and left their confidential information in their databases, but at the moment the problem has been solved. Many attacks of this kind took place over time, and Americans were in most cases the main target.
