Apple's Find My Network Flaw Enables Silent AirTag-Like Tracking of Any Bluetooth Device

A fix for the 'nRootTag' vulnerability could take years to be implemented, according to researchers.

Advertisement
Written by David Delima | Updated: 27 February 2025 13:58 IST
Highlights
  • Researchers have found a flaw in Apple's Find My network
  • It allows hackers to track the location of several Bluetooth devices
  • Apple has yet to roll out a fix for the Find My network vulnerability
Apple's Find My Network Flaw Enables Silent AirTag-Like Tracking of Any Bluetooth Device

The researchers reached out to Apple to inform the company about the flaw in July 2024

Photo Credit: Apple

Apple's Find My network can be used by hackers to track any device with Bluetooth connectivity by turning them into homing beacons like the company's AirTag, according to researchers. A malicious user could trick Apple's Find My network into tracking a smartphone, laptop, or any internet of things (IoT) device using its Bluetooth address, by tricking the network into thinking it is an AirTag. The exploit can be used to pinpoint the location of a device, or track it as it moves across a specific area.

Tricking the Find My Network Into Tracking Ordinary Bluetooth Devices

According to George Mason University researcher Junming Chen, the Apple's Find My network contains a Bluetooth vulnerability that would allow a hacker to silently track a device by using its Bluetooth address. Dubbed 'nRootTag', this attack tricks the Find My network into thinking that a device is a lost AirTag.

A team of four researchers led by Chen discovered that the nRootTag attack could be used to identify the location of a Bluetooth connected device with an accuracy of 10 feet (3.05 metres). It could also be used to locate a larger object, such as an e-bike, and track it as it moved around a city. The team also highlighted that the flaw could also be misused to identify the location of smart locks that have been hacked, enabling attackers to easily find them.

While Apple protects user privacy on an AirTag by changing its Bluetooth address using a cryptographic key, this process requires elevated privileges. In order to circumvent this, the researchers used hundreds of GPUs to identify a key that is compatible with the Bluetooth address of a device, and making it adapt to the address.

Advertisement

The use of several rented GPUs offers an affordable method to quickly identify the location of a device "within minutes". nRootTag has a 90 percent success rate, according to the researchers, who say that advertising companies could avoid the use of GPS and track or profile users with this technique.

While Apple's network was designed to track the company's own devices, the researchers were able to use nRootTag to track mobile devices, laptops, IoT devices, smart TVs, and even virtual reality (VR) headsets. They will present these findings at the USENIX Security Symposium in August.

Advertisement

The researchers contacted Apple about the security flaw in July 2024, and the company acknowledged their contribution in the release notes for iOS 18.2, which was released in December (see the Proximity section).

However, a proper fix for the issue — whenever it is released by Apple — would likely require an update to the Find My network, and might be delayed by users who defer the installation of software updates on their devices. The researchers state that the vulnerability in the Find My network could exist for years, until these outdated devices slowly "die out".

Advertisement

Users can take some precautions to keep their devices safe from tracking, such as being judicious while granting apps access to the Bluetooth permission or making sure that their devices are up-to-date. The researchers also recommend the use of privacy focused operating systems that could potentially protect user privacy.

 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Advertisement

Related Stories

Popular Mobile Brands
  1. Vivo X200 FE Global Launch Confirmed; Design Teased
  2. Vivo Y400 Pro 5G India Launch Date Confirmed; Design Revealed
  3. Poco F7 Launch Date, Price in India, Design and Key Features Leaked Online
  4. OnePlus Nord 5 Series, OnePlus Buds 4 to Launch in India on This Date
  5. Oppo Reno 14 5G Series, Watch X2 Mini, Enco Buds 3, Pad SE to Launch Globally
  6. Oppo K13x 5G India Launch Date, Price Range and Key Features Revealed
  7. Switch 2 Had the Biggest-Ever Launch Week for Video Game Hardware in the US
  8. Oppo K13 Turbo Pro Key Specifications Leaked Online
  9. WhatsApp Will Soon Let You Scan Documents on Your Android Phone
  10. Realme Narzo 80 Lite 5G Launched in India With 6,000mAh Battery: See Price
  1. Bitget Partners UNICEF Unit to Expand Blockchain Training Across India, Other Countries 
  2. WhatsApp Reportedly Working on Ability to Scan Documents on Android Smartphones
  3. ElevenLabs Expands Eleven V3 Text-to-Speech Model With Support for 41 New Languages
  4. Vivo T4 Lite 5G India Launch Confirmed; Battery Capacity, Price Range Teased
  5. TikTok Pushes Deeper Into AI-Generated Video Ads With New Tools
  6. Apple Risks Fresh EU Charge Sheet Over App Store Curbs
  7. The Witcher 4 Will Target 60 FPS on Consoles, but Series S Will Be 'Extremely Challenging' Says CD Projekt Red
  8. Oppo Reno 14 5G Series Global Launch Teased Alongside Watch X2 Mini, Enco Buds 3 and Pad SE
  9. Microsoft Begins Testing AI Agents in Windows 11, Brings Option to Share Recall Snapshots in Europe
  10. watchOS 26 to Bring Control Center Customisation Options with User-Defined Toggles
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.