Find My Network Exploit Turns Any Bluetooth Device Into a Tracker

by

George Mason University researchers claim to have uncovered a serious vulnerability in Apple's Find My network that allows hackers to track virtually any Bluetooth-enabled device without the owner's knowledge.

find my friends precision finding
Called "nRootTag," the exploit tricks the Find My network into treating ordinary Bluetooth devices as if they were AirTags, allowing hackers to turn laptops, smartphones, game controllers, VR headsets, and even e-bikes into unwitting tracking beacons.

Find My works by having AirTags and other Find My-compatible items send Bluetooth signals to nearby Apple devices, which then anonymously relay location data to Apple's servers. The researchers discovered they could manipulate cryptographic keys to make the network believe any Bluetooth device was a legitimate AirTag.

The research team found that the attack has a 90% success rate and can pinpoint a device's location within minutes. "While it is scary if your smart lock is hacked, it becomes far more horrifying if the attacker also knows its location," said one of the researchers.

What makes the exploit even more concerning is that it doesn't require physical access or administrator privileges on the target device – it can actually be executed remotely. In their experiments, the team successfully tracked a stationary computer with 10-foot accuracy and even reconstructed the exact flight path of a gaming console brought onboard an airplane.

The attack does require fairly hefty computing resources – the research team used hundreds of graphics processing units to quickly find matching cryptographic keys. However, they note that this could be achieved relatively inexpensively by renting GPUs, which has become a common practice in the crypto-mining community.

The team said they notified Apple about the vulnerability in July 2024, and Apple has since acknowledged the issue in security updates, but the company hasn't yet revealed how it's going to resolve the issue.

Even after Apple implements a fix, the researchers warn the vulnerability could persist for years as many users delay updating their devices. "The vulnerable Find My network will continue to exist until those devices slowly 'die out,' and this process will take years," said one researcher.

The research will be formally presented at the USENIX Security Symposium in August. Meantime, the team recommends users be cautious about apps requesting Bluetooth permissions, keep their devices updated, and consider privacy-focused operating systems for better protection.

Tag: Find My Guide

Popular Stories

ios 18 4 carplay

iOS 18.4 Includes a Small But Useful Change for CarPlay

Sunday February 23, 2025 2:23 pm PST by
The first beta of iOS 18.4 is now available, and it includes a small but useful change for CarPlay. As we noted in our list of iOS 18.4 features, CarPlay now shows a third row of icons, up from two rows previously. However, this change is only visible in vehicles with a larger center display. For example, a MacRumors Forums member noticed the change in a Toyota Tundra, which can be equipped...
Read Full Article106 comments
cook trump

Trump Responds to Apple Keeping Diversity Policies

Wednesday February 26, 2025 6:32 am PST by
In an all-caps post on Truth Social today, U.S. President Donald Trump said Apple should fully end its diversity, equity, and inclusion (DEI) policies. Tim Cook meeting with President Trump in 2017 "APPLE SHOULD GET RID OF DEI RULES, NOT JUST MAKE ADJUSTMENTS TO THEM," he wrote. Trump's post comes one day after Apple held its annual shareholders meeting, during which a majority of...
Read Full Article407 comments
apple watch ultra snow

6 Features Coming to the Apple Watch Ultra 3

Tuesday February 25, 2025 9:00 am PST by
The Apple Watch Ultra 3 is expected to launch later this year, arriving two years after the previous model with a series of improvements. While no noticeable design changes are expected for the third generation since the company tends to stick with the same Apple Watch design through three generations before changing it, there are a series of internal upgrades on the way. By the time the ...
Read Full Article188 comments
iOS 18

Apple Says iOS 18.4 Will Be Released in April With These New Features

Wednesday February 26, 2025 7:15 am PST by
In a recent press release, Apple confirmed that iOS 18.4 will be released in April. From the Apple News+ Food announcement:Coming with iOS 18.4 and iPadOS 18.4 in April, Apple News+ subscribers will have access to Apple News+ Food, a new section that will feature tens of thousands of recipes — as well as stories about restaurants, healthy eating, kitchen essentials, and more — from the...
Read Full Article43 comments
iPhone Fold Vertical Feature

Apple's 2026 Foldable iPhone Has No Visible Display Crease – Report

Tuesday February 25, 2025 2:58 am PST by
Apple is making significant headway on its long-rumored foldable iPhone, with a new report suggesting the company has achieved a major breakthrough by effectively eliminating the screen crease that plagues current foldable devices. According to Korean publication ETNews, Apple is finalizing its component suppliers for the foldable iPhone, with the selection process expected to be completed...
Read Full Article221 comments
airtag orange

AirTag 2 Rumored to Launch in May or June With These New Features

Monday February 24, 2025 6:11 am PST by
Apple plans to launch a second-generation AirTag in May or June this year, according to a post today from a leaker known as Kosutami. Bloomberg's Mark Gurman previously reported that a new AirTag would be released in mid-2025. May or June would align with that timeframe. Below, we recap three new features rumored for the AirTag 2: With a second-generation Ultra Wideband chip, the...
Read Full Article58 comments
iphone 17 lineup cad render majin bu

Revealed: Entire iPhone 17 Lineup's Striking New Camera Designs

Monday February 24, 2025 2:49 am PST by
A new CAD render of all the devices in Apple's upcoming iPhone 17 lineup has been shared online by leaker Majin Bu, specifically showing the allegedly different rear camera system designs of the standard iPhone 17, all-new ultra-thin iPhone 17 Air, and the iPhone 17 Pro and Pro Max models. The leaker Majin Bu has had some hits in the past, but some of his information has been wrong,...
Read Full Article168 comments
trump iphone dictation issue

Apple Fixing 'Trump' Dictation Processing Bug

Tuesday February 25, 2025 1:18 pm PST by
Multiple iPhone owners today noticed a pronunciation processing issue that causes the word "Trump" to momentarily show up when using dictation to send a message with the word "racist." In some cases, when speaking the word racist through the iPhone's built-in dictation feature, the iPhone briefly interprets the spoken word as "Trump" and "Trump" text shows up in the Messages app before being ...
Read Full Article358 comments

Top Rated Comments

JuicyGoomba Avatar
JuicyGoomba
3 hours ago at 09:03 am
But but but Timmy told me that the real threat was letting people install those pesky 3rd party app stores!

angrybabyfistshake.gif
Score: 12 Votes (Like | Disagree)
NMBob Avatar
NMBob
3 hours ago at 09:08 am
Finally! Something that just works!
Score: 11 Votes (Like | Disagree)
ikramerica Avatar
ikramerica
3 hours ago at 09:24 am
The author does a poor job if explaining how the hack works.

How did they locate the desktop computer remotely without hacking it and:

A. and finding out it exists
B. Knowing it’s Bluetooth information
C. Broadcasting the BT to Find My as an Airtag

Also, if the Find My network sees it as an Airtag, aren’t nearby iPhone users going to get an alert that an AirTag has been near them that doesn’t belong to you?
Score: 4 Votes (Like | Disagree)
I7guy Avatar
I7guy
3 hours ago at 09:02 am
Interesting vulnerability. How easy or hard to deploy? What is the actual threat level? And I presume one can’t be tracked if Bluetooth is off.
Score: 4 Votes (Like | Disagree)
ATmahe Avatar
ATmahe
3 hours ago at 09:18 am
Solution: Buy new Apple Devices and throw away the old ones!
:D:D:D
Score: 3 Votes (Like | Disagree)
Aeronauts Avatar
Aeronauts
3 hours ago at 09:34 am
I’m ok. Whenever I login to my Apple account it sends me a verification message saying I am 200 miles away from where I actually am.
Score: 3 Votes (Like | Disagree)
Read All Comments