Summary
- Apple’s Find My network can turn almost any device, even Android phones, into fake AirTags.
- This loophole lets bad actors secretly track people by bypassing Apple’s built-in security measures.
- The attack works remotely, needing no physical access or special permissions to track someone’s location.
Apple’s Find My network has been a go-to for keeping tabs on iPhones and other compatible devices like headphones. However, it turns out the system might not be as bulletproof as we thought: a major security flaw exposes it to a much bigger risk.
Researchers at George Mason University recently uncovered a major flaw in Apple’s Find My service that lets hackers turn pretty much any device—even Android phones—into a fake AirTag. This loophole opens the door for bad actors to secretly track people, completely bypassing the protections Apple built into the system (via Android Authority).
Using a massive GPU setup, the researchers cracked the cryptographic protections that keep Apple AirTags safe from Bluetooth address tampering. This heavy-duty computing power allowed them to create a flexible key called “nRootTag,” which works inside the Find My network’s encrypted system. The exploit dodges normal security checks and successfully mimics an AirTag a whopping 90% of the time.
The attack mimics a lost AirTag to trick Apple’s Find My network
As the researchers explained in their findings, the attack tricks Apple’s Find My network into thinking the target device is a lost AirTag. Once the network is fooled, the fake AirTag sends out Bluetooth signals to nearby Apple devices. These devices then quietly pass the location data to the attacker through Apple’s cloud, letting them track the target without being detected.
In a controlled test, researchers showed just how precise the system can be, tracking a computer’s movements within 10 feet and even mapping a bike’s route through a city. In another experiment, they managed to piece together someone’s flight path just by tracking the location of their gaming console.
What makes this exploit even scarier is that it can be done remotely, with no physical access or special permissions needed. With its high success rate and quick location tracking, this flaw opens the door to stealthy stalking and even unauthorized profiling by groups like advertisers, all without relying on traditional GPS.
Apparently, Apple has known about this vulnerability for around a year but still hasn’t rolled out a fix. On top of that, researchers warn that even if a patch is released, the problem might stick around because so many users take forever to update their devices.