George Mason University researchers recently uncovered a way for hackers to track the location of nearly any computer or mobile device. Named "nRootTag" by the team, the attack uses a device’s Bluetooth address combined with Apple's Find My network to essentially turn target devices into unwitting homing beacons.
"It's like transforming any laptop, phone, or even gaming console into an Apple AirTag - without the owner ever realizing it," said Junming Chen, lead author of the study. "And the hacker can do it all remotely, from thousands of miles away, with just a few dollars."
The team of Qiang Zeng and Lannan Luo—both associate professors in the Department of Computer Science—and PhD students Chen and Xiaoyue Ma found the attack works by tricking Apple's Find My network into thinking the target device is a lost AirTag. AirTag sends Bluetooth messages to nearby Apple devices, which then anonymously relay its location via Apple Cloud to the owner for tracking. Their attack method can turn a device—whether it's a desktop, smartphone, or IoT device—into an "AirTag" without Apple's permission, at which point the network begins tracking.
In experiments,
they were able to pinpoint a stationary computer's location to within 10 feet, accurately track a moving e-bike's route through a city, and even reconstruct the exact flight path and identify the flight number of a gaming console brought onboard an airplane. Zeng gave an alarming example: “While it is scary if your smart lock is hacked, it becomes far more horrifying if the attacker also knows its location.
With the attack method we introduced, the attacker can achieve this.”
more
