Security researchers recently managed to build an Apple AirTag clone that can bypass anti-tracking technology found in the device’s Bluetooth-based Find My tracking protocol.
Reportedly, AirTags are often used for malicious purposes, such as secretly tracking unsuspecting people or their vehicles, stalking, privacy invasion, and even theft. Last month, Apple released a list of its current and future efforts to prevent misuse of its product.
However, security experts designed a stealth AirTag clone that can successfully perform user tracking for more than five days without prompting a tracking notification on the host device, according to Positive Security’s co-founder Fabian Bräunlein’s blog post.
The AirTag clone successfully dodged all anti-tracking protocols enforced by Apple, as the team confirmed by running a real-world experiment. Cybersecurity researchers behind this project encourage Apple to consider stealth AirTag clones while implementing upcoming changes to the Find My ecosystem.
“If an AirTag, set of AirPods, or Find My network accessory is discovered to be unlawfully tracking a person, law enforcement can request any available information from Apple to support their investigation,” according to an updated Apple support article.
However, the stealth AirTag clone is built on OpenHaystackand reportedly circumvents “every current and upcoming protection measure mentioned in that relatively long list.”
Researchers learned they could render the tracking device undetectable by broadcasting novel public keys from a list of 2,000 preloaded ones every 30 seconds through the faux device.
The team noticed that this technique raises no alerts in iOS and Tracker Detect Android apps, even for unwanted AirTag devices. On the other hand, they also found that SEEMO-developed third-party alternative AirGuard could discover the stealth AirTag in “manual” scanning mode, which raises concerns over the efficacy of Apple’s security measures.