Fabian Braunlein, a security researcher, has detected a vulnerability in Apple’s Find My network feature that people with malicious intent can exploit to send text messages to devices within range. The protocol was designed to help Apple users find lost items by sharing GPS coordinates from devices. However, the researcher showed how AirTag communication can be faked.
Apple has claimed that this network is secure and is meant to help users find their lost items. The security protocols it uses follow industry standards and use end-to-end encryption. The research claims that this feature can be used to send text messages in addition to the location details it was only intended to carry. These text messages can be sent to iPhone, iPad, and Mac devices.
However, Fabian Braunlein found a flaw in the system that allows normal text messages to be transmitted to nearby devices. He was able to send text messages using the same method an AirTag uses to communicate: the AirTag sends its GPS coordinates as an encrypted message. Braunlein already had a reference for this flaw in a study carried out by the German Technical University of Darmstadt, which was running a project to help iOS developers build more accessories that work with Apple’s Find My network. Once he had the protocols Apple uses in the Find My network, it was easy to build a custom device, a microcontroller with firmware, that could transmit messages. In addition to this custom device, he also developed a Mac app that could decode and display the messages sent from the device.
At this point, the research shows that Apple’s Find My network is vulnerable, but there is currently no specific device that can be used to send malicious content. However, that does not mean it cannot be done. As the research proves, Apple’s protocol can easily be changed to send text messages instead of location data.
Coincidentally, only last week there were reports from a German security researcher that Apple’s all-new AirTag could be compromised, with the default Find My link replaced by a custom link, especially for NFC readers. The coincidence is that although the people who presented these findings are different, the nature of the research and the findings are very similar.