Apple’s Bluetooth-powered item tracker, Airtags, was designed with good intentions in mind: it’s useful for attaching important things, such as keys and luggage, to help you find them if they’re lost. However, the devices apparently come with a small design flaw – a Which may allow a dishonest person to use them in a corrupt manner.
Bobby Rouch, an intrusion tester and security researcher, recently contacted cybersecurity blogger Brian Krebs He discovered an exploit that would allow tracking devices to be used as potential vectors for certificate snatching and data theft. Attack, which uses Apple’s way “Lost Feelings” Set up, one might notice an unexpectedly good Samaritan – anyone who finds an airtag in a public place and wants to return the item to its rightful owner.
When they are missing, the air tags can be tracked remotely via Apple Find my app, But the person who finds the lost tag can also help return it to its owner. There may be an airtag Scanned Via an NFC reader on an iPhone or Android device, and if the airtag is kept “Feeling lost, ”Will automatically reveal any contact information associated with the device to Finder. Airtag owners can set it up Through Find My To include a phone number or email address and can also input a short message – perhaps to some degree, “Hey, it’s mine, please come back to XYZ.” When someone finds and scans the airtag, they will be automatically asked to view a unique URL on their phone that displays the owner’s contact information and messages. In short, it is a concept similar to the dog tag, which is usually equipped with contact information for where to return a lost pup.
However, although this is a well-planned feature, it does expose good Samaritans to potential attacks. This is because there is nothing to prevent the owner of Airtag from injecting intentional code into the phone number field of the device’s URL. This type of code can be used to send AirTag Finder to phishing sites or to other malicious webpages designed to collect certificates or steal their personal information. Recently told Krebs. Theoretically, an unruly vine could thus purchase airtags for the specific purpose of converting them into malicious Trojans, then scatter them around for an unsuspecting person.
Krebs aptly By comparison This is one of the classic plots where a hacker would leave a nodescript flash drive – usually in a company’s parking lot or some other public space. Eventually, some curious, unfortunate person will pick up that USB drive and plug it into their computer, thus revealing in secret what is hidden in the malware. Similarly, a bad actor can definitely leave airtags with two “lost” items, and wait for someone to pick it up and try to return it to its rightful owner.
Apple has apparently been slow to respond to this issue. Rauch, who discovered the exploit, told Krebs That he reached out to the company in June and they basically blew him away. For three months, Apple representatives simply told Rauch that they were “still investigating” his claims, but would not promise to disclose the matter or tell him if he was worthy of them. Bug Bounty program. Finally, when Rauch reached out to Krebs last Friday, the company finally came back to him and said they planned to fix the bug in an upcoming update. They also told him not to disclose his results.
However, Rauch has done just that now, Penning His own blog It explains how exploitation works: “An attacker can create armed air tags, and drop them around, preying on innocent people who are trying to help a person find their lost airtags,” he wrote.
We reached out to Apple to comment on all of this. At the time of publication, they had not returned to us. We will update this story if they respond.