According to Android Police , Apple's Find My device tracking network, which is considered a 'fortress' to protect users from theft, has recently been discovered to contain a serious vulnerability, allowing hackers to turn any device, including Android phones, into a fake AirTag and secretly track its location.
Serious Find My Vulnerability Causes Trouble for Apple
PHOTO: FORBES SCREENSHOT
Find My is exploited by hackers due to dangerous vulnerability
According to research from George Mason University in the US, this vulnerability lies in the ability to break Apple's cryptographic protection measures, allowing the creation of a flexible key called 'nRootTag'. Using the computing power of a giant GPU system, hackers can bypass normal security checks and successfully fake AirTag up to 90% of the time.
The attack works by tricking the Find My network into identifying the target device as a lost AirTag. The fake AirTag then broadcasts a Bluetooth signal to nearby Apple devices, silently transmitting location data to the attacker via iCloud.
The researchers demonstrated the vulnerability’s precise tracking capabilities in a series of tests. They were able to track a computer’s movements within 3 meters, retrace a bicycle’s route through a city, and even reconstruct a person’s flight path just by tracking a video game console.
What is worrying is that this vulnerability can be exploited remotely, without any physical intervention or special access. It opens up the risk of surreptitious surveillance and privacy invasion.
Notably, Apple was notified of the vulnerability a year ago, but has yet to patch it. Researchers warn that even if a patch is released, the risk remains because many users delay updating their devices.
While waiting for Apple to make a move to address the issue, users need to raise their security awareness and update their devices regularly to avoid becoming easy prey for cybercriminals.
Source: https://thanhnien.vn/lo-hong-nguy-hiem-trong-find-my-khien-apple-dau-dau-185250228182453965.htm
Comment (0)