Hackers may have found a new way to track you, and this Apple flaw is at the center of it
Apple's Find My network. | Image Credit - Apple
The researchers published the news in a blog post. They have found a way to turn any device, including phones, laptops, gaming consoles into an AirTag, without the owner realizing it, and then use Find My to track the location of the device. Basically, they trick Apple's Find My network to think the device is an AirTag, that is, so it starts following it.
The researchers were able to find a way to track devices using the Find My network with the right key.
Yep, the AirTag is designed to change its Bluetooth address with a cryptographic key, for security. But hackers are unstoppable, right? The researchers were able to develop a system that could find keys for Bluetooth addresses. This isn't particularly easy to do: they did it by using "hundreds" of GPUs to find a key match. But, there could be resourceful hackers too, you know.
A frankly creepy success rate of 90% was achieved by an exploit called "nRootTag", and the exploit, on top of it all, doesn't require sophisticated administrator privileges, meaning, it doesn't require rooting.
Using the exploit, the researchers were able to track the location of a computer with an accuracy of 10 feet (frankly terrifying!) which also enabled them to trace a bicycle moving through the city.
Back in July 2024, the researchers informed Apple about the vulnerability and urged Cupertino to update the Find My network to better verify Bluetooth devices. Apple acknowledged their help, but has yet to fix the issue, and hasn't given info on how it will fix it either.
The researchers also said a fix may take years to roll out, just because not all people update their devices immediately even after Apple releases a new software update.
Sadly, for now, there are not a lot of things you can do to protect yourself against it. The researchers advise to never allow unnecessary access to the device's Bluetooth when apps request it, and always keep your devices updated.
UPDATE: Apple does say that the issue was not a vulnerability in Apple products. Instead, the George Mason team showed how attackers who successfully take control over a Linux, Windows, or Android system can then further track its location using the Apple Find My network. Still Apple decided to hardened the Find My network to resist this type of inappropriate use. The hardening was released in software updates on December 11, 2024, and Apple recognized and acknowledged the George Mason team for their report on the Apple Security Release page. Apple makes it a point to comment the researchers for their work, and to thank them for furthering their understanding of potential issues with hacked devices on other platforms.
Privacy and security-focused Apple is in trouble. A team of researchers at George Mason University recently found an exploit of Apple's Find My network that ominously turns any device into a little traitor stalker. The vulnerability lets malicious users silently track any Bluetooth device using Apple's Find My network.
The researchers published the news in a blog post. They have found a way to turn any device, including phones, laptops, gaming consoles into an AirTag, without the owner realizing it, and then use Find My to track the location of the device. Basically, they trick Apple's Find My network to think the device is an AirTag, that is, so it starts following it.
How Apple's Find My works is that it sends Bluetooth messages from AirTags and other compatible item trackers to nearby Apple devices. These devices then anonymously share the location of the AirTag to its owner via Apple's servers.
The researchers were able to find a way to track devices using the Find My network with the right key.
Yep, the AirTag is designed to change its Bluetooth address with a cryptographic key, for security. But hackers are unstoppable, right? The researchers were able to develop a system that could find keys for Bluetooth addresses. This isn't particularly easy to do: they did it by using "hundreds" of GPUs to find a key match. But, there could be resourceful hackers too, you know.
A frankly creepy success rate of 90% was achieved by an exploit called "nRootTag", and the exploit, on top of it all, doesn't require sophisticated administrator privileges, meaning, it doesn't require rooting.
Using the exploit, the researchers were able to track the location of a computer with an accuracy of 10 feet (frankly terrifying!) which also enabled them to trace a bicycle moving through the city.
The researchers also said a fix may take years to roll out, just because not all people update their devices immediately even after Apple releases a new software update.
Sadly, for now, there are not a lot of things you can do to protect yourself against it. The researchers advise to never allow unnecessary access to the device's Bluetooth when apps request it, and always keep your devices updated.
FCC OKs Cingular\'s purchase of AT&T Wireless
Things that are NOT allowed: