An AirTag clone can bypass all of Apple's anti-stalking measures, new research warns
India Today
A team of researchers has modified an AirTag to make it capable of avoiding all of Apple's anti-stalking measures for its Find My network. The team now urges Apple to consider such modified variants before rolling out privacy and security measures for AirTag in the future.
Cybersecurity experts have been able to bypass Apple's anti-stalking checks for its AirTag, through a specially designed clone of the tracking device that uses a modified firmware on Apple's own networks. Being titled as a "stealth AirTag," the device was found capable of tracking an iPhone user for more than five days at a stretch, without triggering a single notification through Apple's Find My network, a security measure that was supposed to prevent AirTag's use for stalking.
Sharing the source code for the product on Github, Berlin-based IT security consultancy Positive Security has explained the device in detail in a new blog. As per the claims of the company's co-founder Fabian Bräunlein, the AirTag clone made by the security team was successfully able to bypass Apple's anti-stalking measures for its AirTag.
"Neither the tracked iPhone user, nor their iPhone-using roommate received any tracking alerts throughout that period," Bräunlein writes in the blog. The results were obtained after the stealth AirTag clone was used to track a person from February 16 to February 21. The AirTag stayed with the person throughout the six days, but not once was it detected, despite several iPhones being around it most of the time.
For those unaware, AirTag is a small tracking device launched by Apple last year. The intended use for the product is to keep track of one's valuables. For this, it can be attached to, say a suitcase or a bunch of keys, and it will relay its location continuously over Apple's Find My network to the owner's iPhones.
However, AirTag was soon subjected to a flood of complaints from around the globe. Post its launch, it was found that just as Apple's coin-shaped tracking tool helps people to locate their belongings, it can also be misused to stalk people. Planting the small tracking chip around unwary people, like in their vehicles or their bags, could provide miscreants with complete knowledge of their whereabouts.
Apple came up with several countermeasures for this in the following months of 2021. In an official statement earlier this month, the company acknowledged the issue and listed several new features which have been rolled out to help Apple and its user-base prevent the use of AirTag for stalking.
Among these, it promises to have updated AirTag so that they now start beeping when kept away from the linked iPhone for long. This can indicate all those around an unclaimed AirTag of its presence in the vicinity. The devices were even updated to push alerts to nearby iPhones of an unidentified AirTag around them. Apple also rolled out the Tracker Detect app to protect Android users from this too.
