Find My Network Exploited to Send Messages

An exploit allows messages and additional data to be sent across Apple's Find My network, according to the findings of a security researcher.

apple findmy network feature
Security researcher Fabian Bräunlein has found a way to leverage Apple's ‌Find My‌ network to function as a generic data transfer mechanism, allowing non-internet-connected devices to upload arbitrary data by using nearby Apple devices to upload the data for them.

The ‌Find My‌ network uses the entire base of active iOS devices to act as nodes to transfer location data. Bräunlein explained in an extensive blog post that it is possible to emulate the way in which an AirTag connects to the ‌Find My‌ network and broadcasts its location. The ‌AirTag‌ sends its location via an encrypted broadcast, so when this data is replaced with a message, it is concealed by the broadcast's encryption.

find my network message exploit
Bräunlein's practical demonstration showed how short strings of text could be sent from a microcontroller running custom firmware over the ‌Find My‌ network. The text was received via a custom Mac app to decode and display the uploaded data.

It is not immediately clear if this ‌Find My‌ network exploit could be used maliciously or what useful purposes it may serve. Nonetheless, it seems that it could be difficult for Apple to prevent this unintended use due to the privacy-focused and end-to-end encrypted nature of the system.

For more information, see Bräunlein's full blog post, which explains in detail the entire technical process behind passing arbitrary data through the ‌Find My‌ network.

Popular Stories

Apple AI Command Center Concept Mock 3

Apple Expected to Launch This All-New Device Next Year

Wednesday November 27, 2024 1:05 pm PST by
Apple is expected to kick off 2025 by launching an all-new smart home hub, also referred to as a "command center," as early as March. The hub is expected to feature around a six-inch display that can be attached to a tabletop base with a speaker, or mounted on a wall. The device is said to run a new "homeOS" operating system with a customizable widget-focused home screen, and it is expected...
iOS 18

Here Are Apple's Full Release Notes for iOS 18.2

Thursday December 5, 2024 11:48 am PST by
Apple seeded the release candidate version of iOS 18.2 today, which means it's going to see a public launch imminently. Release candidates represent the final version of new software that will be provided to the public should no last minute bugs be found, and Apple includes release notes with the RC launch. The iOS 18.2 release notes provide a look at all of the new features that are coming...
Whatsapp Feature

WhatsApp to Drop Support for These iPhones Starting May 2025

Monday December 2, 2024 2:57 am PST by
WhatsApp is set to end support for iOS versions older than iOS 15.1 from May next year, removing the chat platform's compatibility with several iPhone models in the process. From May 5, 2025, WhatsApp will no longer be compatible with iPhone 5s, iPhone 6, and iPhone 6 Plus models. Users with those devices won't be able to access the encrypted chat service after the specified date unless they ...
Flip iPhone Thumb 1

Apple's 2026 Foldable iPhone Could Reinvigorate Stalling Market

Monday December 2, 2024 4:04 pm PST by
The foldable smartphone market has stalled with customer interest in foldables waning, but that could change when Apple debuts a foldable iPhone, according to display analyst Ross Young. In a report on the current foldable smartphone market, Young says that Apple is expected to "enter the foldable market" in the second half of 2026. Apple's "dominant position in flagship smartphones" could...
airpods pro 2 gradient

AirPods Pro 3 Expected Next Year: Here's What We Know

Thursday November 28, 2024 3:30 am PST by
Despite being released over two years ago, Apple's AirPods Pro 2 continue to dominate the wireless earbud market. However, with the AirPods Pro 3 expected to launch sometime in 2025, anyone thinking of buying Apple's premium earbuds may be wondering if the next generation is worth holding out for. Apart from their audio and noise-canceling performance, which are generally regarded as...
iPhone 17 Pro Dual Tone Rectangle Feature 1

iPhone 17 Pro Already Rumored to Have These 8 New Features

Wednesday November 27, 2024 12:19 pm PST by
While the iPhone 17 Pro and iPhone 17 Pro Max are not expected to launch for 10 more months, there are already plenty of rumors about the devices. An imaginative iPhone 17 Pro concept based on rumors Below, we recap key changes rumored for the iPhone 17 Pro models so far: Aluminum frame: iPhone 17 Pro models are rumored to have an aluminum frame, whereas the iPhone 15 Pro and iPhone 16 Pro ...
Tim Cook WWDC 2024

Apple CEO Tim Cook Opens Up About AI Plans, Vision Pro Future, and More in New Interview

Wednesday December 4, 2024 5:40 am PST by
WIRED today shared in an in-depth interview with Apple CEO Tim Cook, asking questions about AI, Vision Pro sales, pre-recorded keynotes, and more. The wide-ranging interview covers Apple's pivot toward AI technology, including what Apple Intelligence features Cook finds most useful, Apple's partnership with OpenAI, and the environmental impact of AI. For example, WIRED asked Cook about...

Top Rated Comments

zepfhyr Avatar
47 months ago
The first thought that comes to mind is someone installing a compromised IoT device that gains legitimate access to their network and then uses the Find My network to funnel data out of the network, bypassing any firewall rules that prevent the IoT device from communicating with the Internet at large.

It's the type of thing you'd see in a heist or spy movie to try and snag someone's password.
Score: 10 Votes (Like | Disagree)
Unregistered 4U Avatar
47 months ago
Another
“IF YOU SET EVERYTHING UP JUUUUUUUUUST RIGHT, YOU CAN DO A THING!” from a security researcher. AirTags is the security gift that keeps on giving.
Next week,
“We’ve been able to determine that if you accelerate an AirTag at just the right speed towards a target that’s not trying to dodge and is totally aware and ok that you’re throwing it (though accelerate sounds cooler) YOU MAY BE ABLE TO HIT THEM!”
Score: 8 Votes (Like | Disagree)
ArtOfWarfare Avatar
47 months ago
This could be used for some kind of Denial of Service Attack, couldn't it?

You set up a server that's just spamming the Find My network, then all the Apple devices are constantly bouncing these spam messages around. They may end up drowning out legitimate Find My network messages.
Score: 8 Votes (Like | Disagree)
no_idea Avatar
47 months ago
Waiting for someone to show a hack that executed the following steps:
1) uses forgot password
2) clicks try another device for access code pin
3) has a hamster run in a wheel to disrupt radio waves transmitting the secret pin
4) said wheel traps the secret pin and translated via a sudoku puzzle to the hacker
5) hacker inlists a millennial to decrypt the puzzle
6) millennial asks for gluten free juice cleanser for payment
7) hacker gets in!
Score: 7 Votes (Like | Disagree)
TiggrToo Avatar
47 months ago

This could be used for some kind of Denial of Service Attack, couldn't it?

You set up a server that's just spamming the Find My network, then all the Apple devices are constantly bouncing these spam messages around. They may end up drowning out legitimate Find My network messages.
From the source:


With the public key validity check implemented, everything worked flawlessly. While I didn't do extensive performance testing and measurements, here are some estimates:

The sending rate on the microcontroller is currently ~3 bytes/second. Higher speeds could be achieved e.g. simply by caching the encoding results or by encoding one byte per advertisement
In my tests, the receiving rate was limited by slow Mac hardware. Retrieving 16 bytes within one request takes ~5 seconds
The latency is usually between 1 and 60 minutes depending on how many devices are around and other random factors.
Score: 7 Votes (Like | Disagree)
centauratlas Avatar
47 months ago
This is awesome (assuming it can't be badly exploited). It gives an ad hoc wireless relay network. There could be plenty of uses.
Score: 6 Votes (Like | Disagree)