Connect with us

Hi, what are you looking for?

Hard News Hard Hitting News Source Global Political News

Cyber Security

AirTag clone bypassed Apple’s tracking-protection features, claims researcher

A security researcher claims he bypassed the tracking protection features built into Apple’s Find My app and AirTag tracking devices with a custom-made AirTag clone.

Amid mounting concerns that AirTags are ripe for abuse by stalkers and other wrongdoers, the researcher said he successfully tracked an iPhone user for five days (with their consent) without triggering a single tracking notification.

Launched in April 2021, AirTags communicate with Apple’s Find My service to help users keep track of personal items such as keys, wallets, and luggage.

However, several reports of malicious misuse have surfaced, from devices planted to facilitate grand theft auto to those surreptitiously slipped into victims’ coat pockets.

‘Obvious bypass ideas’

Apple moved to address fears around unwanted tracking earlier this month by unveiling a raft of safety warning enhancements.

However, Fabian Bräunlein, co-founder of Berlin-based infosec consultancy Positive Security, said he quickly devised some “quite obvious bypass ideas for every current and upcoming protection measure”, before building an OpenHaystack-based AirTag clone to validate his hypotheses.

The most common method for detecting unwanted AirTags – iPhone notifications that are triggered when AirTags are separated from their owner’s device but observed moving with another device – was readily bypassed by programming the clone “to continuously broadcast new, never-seen-before public keys”.

The clone, which had no speaker, was also undetectable by beeping alerts.

Bräunlein said Apple’s upcoming privacy changes would be similarly toothless in the face of modified or cloned AirTags. These include a new ‘Precision Finding’ function, refinements to unwanted-tracking alert logic, and use of louder audio alerts.

Third-party success

While the clone went undetected by Apple’s asset-tracking apps for the iOS and Android ecosystems – Find My and Tracker Detect, respectively – it was spotted by a third-party alternative.

AirGuard, which was developed by the Secure Mobile Networking Lab (SEEMOO) at the Technical University of Darmstadt’s computer science department, discovered the clone in ‘manual scan’ mode.

“iOS and Tracker Detect ignore those devices since they mimic a lost iPhone,” Alexander Heinrich, SEEMOO PhD student and a security expert on the AirGuard project, told The Daily Swig.

Despite its success against Bräunlein’s AirTag imitator, AirGuard was actually designed to detect off-the-shelf devices, such as the Chipolo One Spot and modified, speaker-free AirTags, which Heinrich said are fuelling stalking.

Heinrich said SEEMOO is now working on a follow-up project. “The main issue is that a lost iPhone or a closed MacBook send exactly the same signals as such a tracker,” he said. “We want to develop [the] next version that utilizes as much information as possible to reduce possible false alarms and reliably detect malicious and modified devices.”

‘Cat and mouse’

Bräunlein told The Daily Swig that Apple could incorporate AirTag imitators into its threat model by “excluding non-genuine devices from the network” or “improving the detection logic to also detect nearby trackers”.

Advertisement. Scroll to continue reading.

“The first option would seem to require major changes to the Find My protocol’s design,” he continued. “The second option would require smaller changes, but it’s likely also less effective and leads to the ‘cat and mouse game’ we know from other areas of security.”

The Daily Swig has invited Apple to comment on Bräunlein’s findings but we’ve heard nothing back so far. We will update the article should they get back to us.

Source: https://portswigger.net/daily-swig/airtag-clone-bypassed-apples-tracking-protection-features-claims-researcher

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

On June 21, 2023, hackers broke into LetMeSpy’s servers and stole private data. Following the hack, the attackers were able to obtain unauthorized access...

Cyber Security

Twitter faced further criticism this week when Elon Musk’s social networking platform announced SMS-based 2FA will only be available to paying customers going forward....

Cyber Security

KeePass has become the latest password manager utility obliged to defend its reputation following the discovery of an alleged vulnerability. Security researchers warned that it might be...

Cyber Security

Gartner has patched a DOM XSS vulnerability found in the Peer Insights widget, a security bug researchers reckon dates back to the original development of the...

Copyright © 2023 Hard News Herd Hitting in Your Face News Source | World News | Breaking News | US News | Political News Website by Top Search SEO