New Hack Turns Any Device into a Secret Tracker via Apple’s Find My Network

George Mason University researchers have uncovered a big security vulnerability called “nRootTag” that lets hackers track the location of nearly any computer or mobile device. This attack exploits Apple’s Find My network by tricking it into treating target devices as lost AirTags, effectively turning them into unwitting homing beacons.

The attack method uses a device’s Bluetooth address combined with Apple’s Find My network to track locations. It works on devices running Linux, Android, Windows, as well as some Smart TVs and VR Headsets. Researchers pinpointed a stationary computer’s location within 10 feet and accurately tracked moving devices. The technique has a 90% success rate and can track devices within minutes.

The attack bypasses the need for administrator privileges by adapting the key to the Bluetooth address rather than modifying the address itself. Researchers used hundreds of GPUs to quickly find matching keys, taking advantage of affordable GPU rentals. Mismatches can be saved to a database (rainbow table) for future use, making it effective for targeting multiple devices simultaneously.

This vulnerability raises concerns about privacy risks, as it could be misused for stalking, harassment, corporate espionage, or national security threats. It could also be attractive to advertising companies for user profiling without relying on device GPS. The attack works broadly on various devices and operating systems, making it a widespread issue.

Researchers informed Apple of the issue in July 2024, and Apple acknowledged it in subsequent security updates. A complete fix may take years to roll out, and vulnerable devices may persist until they “die out”. Users are advised to be cautious of apps requesting unnecessary Bluetooth permissions, keep devices updated, and consider privacy-focused operating systems.

More here.