Since the release of Apple’s Bluetooth-based tracking gadget, the AirTag, there have been several complaints of the device being used for stalking and other illegal acts all over the world. In response, the firm began taking steps to prevent such problems by providing users with important safety recommendations and introducing privacy protections for AirTags.
However, a security researcher has developed an AirTag clone that is capable of bypassing practically every anti-stalking function designed to protect users’ privacy.
Apple’s Anti-Stalking Features are bypassed by an AirTag clone
While Apple’s AirTag is a useful tool for tracking and locating misplaced objects like wallets, keys, and baggage, it has also been used to monitor individuals without their knowledge.
In response to these concerns, Apple has added additional privacy measures to its devices in order to prevent such behavior. In fact, a couple of those capabilities were included in the company’s newest iOS 15.4 beta 4 release.
However, a security researcher in Berlin, Germany has created a stealth AirTag clone that can defeat Apple’s existing anti-stalking capabilities. These clones lack a unique serial number and aren’t linked to an Apple ID like the original AirTag. In a recent blog post, security researcher Fabian Bräunlein detailed how he created the AirTag clone and used it to monitor an iPhone user without their knowledge for five days in a real-world experiment.
Bräunlein built the system using OpenHaystack, a framework for tracking Bluetooth devices using the Find My network (source code available on GitHub). The AirTag clone was then built using an ESP32 microcontroller with Bluetooth connectivity, a battery bank, and a cable.
In the blog post, Bräunlein outlined how each of Apple’s anti-stalking capabilities might theoretically be overcome. For example, if an AirTag is separated from its user for three days, it emits a beeping sound to alert anybody around. Although Apple has reduced the delay from three days to between eight and twenty-four hours, the AirTag clone avoids the alert entirely since it lacks a working speaker. Various similar clones have been discovered on eBay, according to the report.
Other protections, such as tracking alerts and notifications to a prospective stalking victim, were defeated by employing more than 2,000 pre-loaded public keys, with the AirTag clone broadcasting one every 30 seconds.
Furthermore, the lack of a UWB chip prevented the victims from using the Find My app’s Precision Finding feature to locate the device.
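The key rotation described above matters to anyone building or evaluating tracker detection, so here is an added example (not code from Bräunlein's post, OpenHaystack, or Apple) run over constructed scan logs. The per-identifier detector is an assumed, simplified model rather than Apple's actual logic, and the handoff-chain heuristic, its thresholds, and all function names are hypothetical.

```python
ROTATION_S = 30   # from the article: a new public key every 30 seconds
KEY_COUNT = 2000  # from the article: more than 2,000 pre-loaded keys

def key_reuse_period_s():
    """Seconds before the first key is broadcast again (a lower bound)."""
    return KEY_COUNT * ROTATION_S

def lifetimes(obs):
    """Map each advertised identifier to (first_seen, last_seen) in seconds."""
    seen = {}
    for t, ident in obs:
        first, last = seen.get(ident, (t, t))
        seen[ident] = (min(first, t), max(last, t))
    return seen

def per_identifier_alerts(obs, min_follow_s=600):
    """Assumed model: alert when ONE identifier stays in range for min_follow_s."""
    return sorted(i for i, (a, b) in lifetimes(obs).items() if b - a >= min_follow_s)

def longest_handoff_chain(obs, max_life_s=2 * ROTATION_S, max_gap_s=10):
    """Hypothetical heuristic: longest span (seconds) covered by short-lived
    identifiers where each appears within max_gap_s of another going silent."""
    spans = sorted(s for s in lifetimes(obs).values() if s[1] - s[0] <= max_life_s)
    chain_start, best = [], 0
    for i, (first, last) in enumerate(spans):
        start = first
        for j in range(i):  # earlier identifiers that ended just before this one began
            if 0 <= first - spans[j][1] <= max_gap_s:
                start = min(start, chain_start[j])
        chain_start.append(start)
        best = max(best, last - start)
    return best

# Constructed scan logs: (seconds, identifier), one scanner sample every 10 s for an hour.
GENUINE = [(t, "tag-A") for t in range(0, 3600, 10)]
PASSERS = [(95, "p-1"), (1000, "p-2"), (1010, "p-2")]
ROTATING = [(ROTATION_S * k + d, f"rot-{k}") for k in range(120) for d in (0, 10, 20)] + PASSERS

if __name__ == "__main__":
    for name, log in (("genuine", GENUINE), ("rotating", ROTATING), ("passers", PASSERS)):
        print(name, per_identifier_alerts(log), longest_handoff_chain(log))
```

In the constructed data, the fixed identifier trips the per-identifier check while the rotating one never does, yet its hour-long chain of back-to-back short-lived identifiers stands out from ordinary passers-by. A production detector would need further signals, such as signal strength, to keep false positives down in crowded places.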
Using the AirTag clone and a special macOS program that was built for the experiment, Bräunlein was able to monitor and locate an iPhone user and an iPhone-bearing roommate for five days without them receiving any tracking notifications on their devices. Following tests, it was determined that the Apple Android Tracker Identify app could not detect the AirTag clone.
Bräunlein clarifies that the goal of this initiative is not to encourage AirTag-based stalking. Instead, the lengthy blog post and AirTag clone are meant to demonstrate that, even with Apple’s privacy safeguards in place, people with the right expertise may discover simple methods to get around them and create customized AirTags to continue stalking. As a result, when Apple integrates anti-stalking measures for AirTags in the future, it should take these weaknesses into account.