Hackers have worked out how to exploit Apple’s Find My network, by abusing Bluetooth on a device to effectively turn anything into a trackable AirTag.
AirTag
The Find My network is considered to be an extremely useful service, allowing users to track down a mislaid iPhone, lost luggage, or even a stolen car adorned with an AirTag. However, while Apple has done what it can to make the network as secure and as trustworthy as possible, security researchers have apparently managed to work around the protections.
George Mason University researchers, associate professors Qiang Zeng and Lannan Luo and PhD students Chen and Xiaoyue Ma, created “nRootTag” as an attack that takes advantage of Bluetooth addresses. It does so by tricking the Find My network into thinking a device is a missing AirTag.