Skip to main content
  1. Home
  2. Mobile
  3. News

Researchers find a scary data vulnerability in Apple’s AirDrop

Arif Bacchus
By

Hackers can tap into AirDrop data and pull your phone number or your email address. This issue has been known since 2019 and has yet to be patched or acknowledged by Apple, though it impacts almost 1.5 billion Apple devices today.

According to a report from security researchers at Germany’s Technical University of Darmstadt, the core of this issue is the way in which AirDrop shares files between Apple devices using the address book and contacts list as an option by default. Per the researchers, since AirDrop leverages “a mutual authentication mechanism,” to compare phone numbers, as well as email addresses, a hacker can easily intercept this information using “a Wi-Fi-capable device” that is nearby to an Apple user sharing through MacOS, iOS, or iPadOS via AirDrop. A proof of concept attack can be found on GitHub.

Recommended Videos

This can be done even if the hacker isn’t in the user’s address book or contacts list. It happens both ways, via Sender Leakage, as well as Receiver Leakage, according to the researchers.

Related

Apple does try to protect the exchanged phone numbers and email addresses via “obfuscating,” but security researchers have found that it does not prevent the reversing of hash values. These can be “quickly reserved,” according to security researchers, through brute force attacks.

The researchers at the Technical University of Darmstadt have developed “PrivateDrop” which can replace AirDrop’s flawed design. This solution is reportedly based on optimized cryptographic private set intersection protocols.

This means it can complete exchanges between certain devices without exchanging the hash values that could otherwise be interpreted. This all can occur with a delay time of around a second. This project is available on GitHub, for those interested in the research behind what went into developing it.

Since Apple hasn’t yet officially released a fix, you can try to avoid using or completely turn off AirDrop if you are concerned. To do this on an iPhone or an iPad, click Settings > General. From there, tap AirDrop > Receiving Off. On MacOS, you can turn off AirDrop by clicking to the Control Center next to the date and time, choosing AirDrop, and then toggling the switch to Off. Additional details are available via Apple if you wish to learn more about AirDrop on MacOS.

Editors' Recommendations

Topics
Arif Bacchus
Arif Bacchus
Computing Writer
Arif Bacchus is a native New Yorker and a fan of all things technology. Arif works as a freelance writer at Digital Trends…
Your iPhone just got a first-of-its-kind security update
Deep Purple iPhone 14 Pro held in hand with a wooden gate in the background

Smartphone users should be completely accustomed to getting regular security updates to make sure that their data is protected. Now, Apple is simplifying things by introducing a new way to quickly update iPhone security without needing to push a full-on iOS update.

Apple has been running beta tests of its Rapid Security Responses (RSR) feature that's meant to make security patches easier. As of May 1, RSR has launched for all Apple device owners.

Read more
5 hidden iPhone 14 Pro features you need to use
iPhone 14 Pro in Deep Purple, held in a mans hand.

Apple’s iPhone 14 Pro has been out for a while now, and we’re going to be getting the iPhone 15 lineup in several more months. But that doesn’t mean that the iPhone 14 Pro is a bad phone – in fact, it’s still incredibly powerful! You have the fast and snappy A16 Bionic chip that powers it all, the new always-on display, Dynamic Island, 48MP main camera, and more. And since it uses iOS 16, there are plenty of fun software things to check out as well.

But unless you know where to look, you may not be utilizing all of the cool features of the iPhone 14 Pro, or at least making the most out of it. We’ll show you some of the best features that you should be using on your iPhone.
Take photos in full 48MP resolution

Read more
Check your Apple Card right now — you may have a crazy 10% cash-back promo
Daily Cash page for the Apple Card, showing a 10% back promo for grocery store purchases.

If you’re an Apple Card user, you may want to check if you have a new offer waiting for you that will net you up to 10% cash back on grocery store purchases. Yes, you read that correctly — 10% cash back.

Apple is quietly boosting Apple Card rewards with this new promotion that seems to only be available to select users through May 31. The timing of this offer follows the launch of the Apple Card Savings account earlier in the month.

Read more