Someone already hacked Apple's Find My network to send arbitrary data

AirTag Keychain
AirTag Keychain (Image credit: Joe Keller / iMore)

What you need to know

  • Someone has been able to send arbitrary text via the Find My network.
  • They created a fake AirTag to send the messages.

Find My, the network of iOS and macOS devices that is used by AirTag and others for location tracking, can be used to send arbitrary text to other devices. That's the discovery of one security researcher who published their findings in a new blog post.

Researcher Fabian Bräunlein essentially created a fake AirTag to send text across the Find My network, receiving it on a remote Mac. It's notable that it isn't thought that the process used by Bräunlein is something Apple can easily work to block.

With the recent release of Apple's AirTags, I was curious whether Find My's Offline Finding network could be (ab)used to upload arbitrary data to the Internet, from devices that are not connected to WiFi or mobile internet. The data would be broadcasted via Bluetooth Low Energy and picked up by nearby Apple devices, that, once they are connected to the Internet, forward the data to Apple servers where it could later be retrieved from. Such a technique could be employed by small sensors in uncontrolled environments to avoid the cost and power-consumption of mobile internet. It could also be interesting for exfiltrating data from Faraday-shielded sites that are occasionally visited by iPhone users.

The good news is that the text that can be sent is so small it's unlikely anyone will be able to get up to no good. But the fact still remains – arbitrary text can be transmitted via the Find My network of millions of devices, all without their owners knowing.

There's a ton of technical information about what exactly went down over in the blog post and it's a fascinating read if you're so inclined.

This is all caused by the Find My network so the best Bluetooth trackers out here won't be susceptible. Something to keep in mind if you're at all concerned.

Oliver Haslam
Contributor

Oliver Haslam has written about Apple and the wider technology business for more than a decade with bylines on How-To Geek, PC Mag, iDownloadBlog, and many more. He has also been published in print for Macworld, including cover stories. At iMore, Oliver is involved in daily news coverage and, not being short of opinions, has been known to 'explain' those thoughts in more detail, too.

Having grown up using PCs and spending far too much money on graphics card and flashy RAM, Oliver switched to the Mac with a G5 iMac and hasn't looked back. Since then he's seen the growth of the smartphone world, backed by iPhone, and new product categories come and go. Current expertise includes iOS, macOS, streaming services, and pretty much anything that has a battery or plugs into a wall. Oliver also covers mobile gaming for iMore, with Apple Arcade a particular focus. He's been gaming since the Atari 2600 days and still struggles to comprehend the fact he can play console quality titles on his pocket computer.