infosec

Apple's Find My Network Exploit Lets Hackers Silently Track Any Bluetooth Device

9to5Mac reports: Although AirTag was designed to change its Bluetooth address based on a cryptographic key, the attackers developed a system that could quickly find keys for Bluetooth addresses. This was made possible by using "hundreds" of GPUs to find a key match. 

The exploit called "nRootTag" has a frightening success rate of 90% and doesn't require "sophisticated administrator privilege escalation." 

In one of the experiments, the researchers were able to track the location of a computer with an accuracy of 10 feet, which allowed them to trace a bicycle moving through the city. In another experiment, they reconstructed a person's flight path by tracking their game console.

Apple's Find My Network Exploit Lets Hackers Silently Track Any Bluetooth Device

9to5Mac reports: Although AirTag was designed to change its Bluetooth address based on a cryptographic key, the attackers developed a system that could quickly find keys for Bluetooth addresses. This was made possible by using "hundreds" of GPUs to find a key match. 

The exploit called "nRootTag" has a frightening success rate of 90% and doesn't require "sophisticated administrator privilege escalation." 

In one of the experiments, the researchers were able to track the location of a computer with an accuracy of 10 feet, which allowed them to trace a bicycle moving through the city. In another experiment, they reconstructed a person's flight path by tracking their game console. 

https://yro.slashdot.org/story/25/02/28/013227/apples-find-my-network-exploit-lets-hackers-silently-track-any-bluetooth-device?utm_source=rss1.0mainlinkanon&utm_medium=feed

🌷💀⏳

teleyinex.eth ▫️

teleyinex.lens ▫️

teleyine.x ▫️

daniellombrana.es  ▫️

@astaralabs ▫️

@obeygiant ▫️

@scifabric ▫️

dev

Well that sucks. I like find my for my devices. I do not like air tags, and I do not like that find my can become air tags for bad actors.