Photo: Apple
Researchers at George Mason University have uncovered a critical security flaw in Apple's Find My network, enabling hackers to silently track any Bluetooth device. This exploit, dubbed "nRootTag," effectively turns any Bluetooth-enabled device, such as a phone or laptop, into a covert AirTag, allowing for remote location tracking without the owner's knowledge.
The researchers demonstrated how they could bypass AirTag's anti-stalking measures by reverse-engineering the cryptographic keys used to generate Bluetooth addresses. By leveraging "hundreds" of GPUs, they could rapidly find matching keys, achieving a 90% success rate. This allowed them to track devices with remarkable accuracy, even reconstructing a person's flight path by tracking their game console. While the researchers notified Apple of the vulnerability in July 2024, and Apple acknowledged their findings, a patch has yet to be released.
The researchers warn that a comprehensive fix may take years to implement due to the need for widespread software updates. In the meantime, they recommend users exercise caution by limiting unnecessary Bluetooth access and ensuring their devices are always running the latest software.