The peer-to-peer network used by AirTags, Apple's just-released tracking and location devices, could be used by anyone to send small amounts of data, essentially creating a covert channel not limited to Apple's hardware, according to a recent analysis by two security researchers.
On April 30, Apple released its AirTags, button-sized devices that allow Apple customers to track and locate important possessions, such as backpacks and bikes. The devices use Apple's Find My network — a peer-to-peer mesh network of Apple devices — to send location data back to the owner. By analyzing Apple's new AirTags, however, two security researchers at consultancy Positive Security discovered that Apple's Find My network can be used to send data from non-AirTag devices as well, albeit at low data rates of a few bytes per second.
The covert channel is mostly of academic interest because the bandwidth is so low, but it could present attackers with a viable low-cost way to exfiltrate data from a corporate environment, says Fabian Bräunlein, co-founder at Positive Security.
"I think in certain situations it could be used to exfiltrate data from corporate settings," he says. "An example could be a USB keylogger that immediately broadcasts the sniffed keystrokes for upload. In most of those scenarios, however, a more expensive device with a SIM card and modem [could] also be a viable alternative."
Less than two weeks after Apple's released its AirTag $30 tracking and location tags, hardware hackers and security researchers have already found vulnerabilities and alternative uses for the devices. Hardware hacker Colin O'Flynn, for example, researchers create covert channel apple airtag network
