Apple Find My Vulnerability Opens the Door to Tracking People Through Any Bluetooth Device

Apple’s Find My network allows owners of Apple devices and accessories to track them – the company has released AirTag trackers specifically for this purpose. But despite the manufacturer’s protective measures, there is a way to turn any Bluetooth device into a means of tracking a person, researchers at George Mason University (USA) have discovered.

Image source: apple.com

They found a way to essentially turn any device, including a phone or laptop, into an AirTag and do it in such a way that its owner doesn’t know anything. As a result, attackers can remotely track the location of this device. The principle of the Apple Find My network is that AirTag and other compatible trackers send messages via Bluetooth to nearby Apple devices – these devices anonymously transmit the location of the tracker to the owner through the manufacturer’s servers. Using the appropriate key, you can track any device with Bluetooth through the Find My network.

The AirTag cryptographic key-based tracker can change its Bluetooth address, but scientists have developed a system that can quickly find such keys – requiring the resources of “several hundred” graphics processors. The exploit, called nRootTag, has a 90% success rate and does not require administrator privileges. The authors of the study conducted an experiment and determined the location of a given computer to within 10 feet (3.05 m), and then tracked a bicycle moving around the city. In another experiment, they reconstructed the flight path of a person tracked through a gaming console.

The authors of the project shared their results with Apple in July 2024 and recommended that the company change the mechanism of the Find My network to improve security when checking Bluetooth devices. The company confirmed that it had studied the report, but has not yet made any changes to the network architecture and has not said when it intends to do so. A full fix for the error could take several years, the researchers point out: even if Apple releases software updates to close the vulnerability, users are unlikely to install them promptly. Owners of Apple devices are advised not to grant permissions for apps to access Bluetooth unless they are sure that this is necessary, and to regularly update the firmware of their devices.