Apple's own device location tracking service, the Find My feature, can be abused to siphon data from nearby devices and deliver it across the globe, new research claims.
Apple Find My Network Hack
In a blog post, Positive Security, a cybersecurity company, sets out a proof-of-concept exploit called Send My.
The exploit demonstrates that the Bluetooth Low Energy (BLE) broadcasts on which the Find My network is built can be manipulated by hackers to lift small quantities of arbitrary data, without the need for any internet connection.
Made possible by an ESP32 firmware that turns a microcontroller into a modem that taps into the network of devices, the exploit could also be used to reset mobile data plans.
The Apple Find My network depends on a crowdsourced information system, instead of GPS, to locate iOS, macOS, and watchOS devices, and now Apple AirTags.
If someone opts into the program, the device will start to communicate over BLE with other Apple devices in the area. The volume of Apple products in circulation means that these device pings can be used to create an accurate map of the location of each piece of kit.
As part of this process, the communications between devices are also relayed to Apple's servers, from where the information can later be retrieved.
In this case, Positive Security developed a macOS app that can retrieve, decode, and display this data.
Fabian Bräunlein, the co-founder of Positive Security, said that a technique like this could be employed by small sensors in uncontrolled environments to avoid the cost and power consumption of mobile internet. He added that it could be interesting for exfiltrating data from Faraday-shielded sites that are visited by iPhone users from time to time.
While the quantity of data that could be lifted through this method is limited and the latency is only up to 60 minutes, it is thought that advanced threat actors may be able to leverage the exploit to good effect, as reported by TechRadar.
According to Positive Security, the privacy-centric way in which the Find My network has been architected means it may be impossible for Apple to block off the attack vector.
Apple AirTags Security Flaw
Bräunlein added that Apple's latest device, the AirTag, also has a security flaw. All it takes is a bit of knowledge and a bit of creativity to turn the device into a spy gadget.
According to Motherboard, several hackers, some of whom acted out of curiosity, were able to crack open Apple's new device and completely change its purpose.
The hackers have even shown how Apple's AirTags could be turned into a malicious device, although there is no evidence of such tactics being used in the wild yet.
AirTags are basically Apple buttons that users can attach to different items and track their movement. The devices were unveiled earlier this year after months of speculation, and could be a massive potential earner for Apple.
Although Bräunlein praised Apple's work, saying that it was cryptographically well designed, he said that the company could limit the potential for misuse through design changes.
This article is owned by Tech Times
Written by Sophie Webster