FlagThis

George Mason University researchers have revealed a novel attack, dubbed "nRootTag," that exploits Apple's Find My network to track computers, smartphones, and IoT devices. This method uses a device’s Bluetooth address to trick the Find My network into identifying the target device as a lost AirTag. This effectively transforms the targeted device into a covert tracking beacon, enabling hackers to monitor its location remotely.

This unauthorized "AirTag" silently transmits Bluetooth signals to nearby Apple devices, which then anonymously relay the device's location via Apple Cloud. According to the research, a stationary computer’s location could be pinpointed to within 10 feet, and a moving e-bike's route could be accurately tracked. The researchers informed Apple about the exploit in July 2024 and recommended that the company update its Find My network to better verify Bluetooth devices.

ImgSrc: mnwa9ap4czgf-u1

References :

• cyberinsider.com: Apple’s Find My Exploited in nRootTag Attacks for User Tracking
• Dan Goodin: The new "nRootTag" attack that transforms phones, computers and IoT devices into AirTags that can be tracked over Apple Find My sounds newsworthy at first blush.
• Techlore: : Researchers uncovered some nasty vulnerabilities in Apple's Find My network

Classification:

• HashTags: #cybersecurity #apple #tracking
• Company: Google
• Target: Apple users
• Attacker: Palo Alto Networks
• Product: apple find my
• Feature: Apple find my exploit
• Malware: nRootTag
• Type: Vulnerability
• Severity: Medium