Researchers Hack Apple's Find My Network to Track Any Bluetooth Device
A team of researchers at George Mason University has made a groundbreaking discovery that could have significant implications for user privacy and security. They have found a way to hack into Apple's Find My network, allowing them to track any Bluetooth device using the network. The hack, dubbed nRootTag, can be used by hackers to make any Bluetooth device into "unwitting homing beacons," essentially turning it into a tracking device without the owner's knowledge or consent.
The researchers were able to bypass the security measures that protect Apple AirTags from being hacked. They discovered a way around how an Apple AirTag changes its Bluetooth address using a cryptographic key, which protects the AirTag from unauthorized access. By developing key search methods, they created a compatible Bluetooth address that the key adapts to, effectively bypassing the secure key.
The researchers claim to have achieved a 90% success rate with their nRootTag hack, which can be performed remotely without administrator access to a device. This means that hackers can track devices running Android, Windows, Linux, smart TVs, and VR headsets, as well as Apple devices. However, the hack requires intense processing power to create a compatible nRootTag quickly.
To execute the nRootTag hack successfully, the researchers used "hundreds of graphics processing units (GPUs)" by renting GPU services typically used by AI developers and Bitcoin miners. To reduce processing time, hackers can save the list of failed nRootTags for reference.
The vulnerability was reported to Apple in June 2024, but the company has yet to release a patch to fix it. According to George Mason University's report, Apple has officially acknowledged the vulnerability. Due to the immense amount of processing power required, it's unlikely that users will see this attack in the wild.
However, there are steps users can take to protect themselves. Being aware of Bluetooth notifications from apps asking for unwarranted and unexpected permission to connect is crucial. Users can also check what Bluetooth devices are connected to their iPhone, iPad, and Mac in the Bluetooth System Settings.
Apple releases security patches through OS updates, so installing them as soon as possible is important. Additionally, users should update their apps on Macs, which can be done through the App Store or an app's settings. For more information and guides on how to protect your Mac from malware and other security threats, visit our website.
What You Can Do to Protect Yourself
- Be aware of Bluetooth notifications from apps asking for unwarranted permission to connect.
- Check what Bluetooth devices are connected to your iPhone, iPad, and Mac in the Bluetooth System Settings.
- Install security patches through OS updates as soon as possible.
- Update your apps on Macs through the App Store or an app's settings.
About the Authors
Roman Loyola is a Senior Editor at Macworld, with over 30 years of experience covering the tech industry. He has written for numerous publications, including MacUser, MacAddict, and TechTV. Roman is also the host of the Macworld Podcast and has received Apple certification as a repair technician.