A pair of security researchers reverse-engineered Apple’s iMessage protocol and found that Apple controls the encryption key infrastructure for the system. The researchers say Apple has the ability to read users messages if it so chooses. Apple does not use certificate pinning for iMessage, meaning that the system is open to a MiTM attack by outside attackers. Researchers say there are other methods that Apple could have used for the key infrastructure to avoid some of these problems, such as Silent Circle.
Source: https://threatpost.com/apple-imessage-open-to-man-in-the-middle-spoofing-attacks/102610/