Apple’s Find My feature is an incredibly powerful tool that can be used for locating lost iPhones, iPads, PCs, AirPods, Apple Watch and even iPod. Now, researchers have reportedly found an exploit that can let hackers track a user’s location using the company’s Find My Network.
Apple’s Find My Network can be used to stalk users
- According to a report by 9to5Mac, researchers from George Mason University have found an exploit that can turn almost any device, such as a phone and a laptop, into an AirTag.
- Apple’s Find My Network finds a lost device by sending Bluetooth messages from AirTags and other nearby tracking devices to the nearest Apple devices. These Apple devices then anonymously share the location of the AirTag with the device owner via Apple’s servers.
- The exploit essentially uses a target device’s Bluetooth address along with Apple’s Find My Network to track its location.
- It reportedly works by tricking Apple’s Find My Network into thinking that the targeted device is a lost AirTag. The target device sends a message to the nearest Apple device, which then anonymously shares this information with the owner for tracking.
- It is worth noting that Apple’s AirTags are designed to change Bluetooth address based on a cryptographic key. To find the exact Bluetooth address for tracking the location of the targeted device, researchers developed a system that could find this encrypted key. This was done using ‘hundreds of GPUs’.
- As per the report, this hack has a success rate of 90 percent.
- In their experiments, researchers were able to track the location of a computer with an accuracy of up to 10 feet. They were also able to reconstruct the path of a flight by tracking a gaming console.
-
What can Apple device owners do to protect themselves?
- The researchers reportedly informed Apple of the exploit back in July 2024.
- While the company has publicly acknowledged the issue, it is yet to release a security patch to fix it.
- For now, Apple device owners can keep their device software updated and never allow unnecessary accesses to their device’s Bluetooth to protect themselves.