At any point of the digital transition,…
Apple’s AirDrop has been found to have a flaw. If this flaw is successfully exploited, attackers would be able to steal personal information. The attack strategy is known as random assignment or a similar technique that is identical to it. The airdrop must, however, be physically close to the active victim in order for the attack to be successful.
Experts at the Darmstadt Institute of Technology in Germany were the first to discover this vulnerability, and they determined that it is a vulnerability with strict requirements, but it is likely to result in severe privacy infringement. “Even a total stranger may exploit this flaw to obtain the victim’s phone number and email address.”
The perpetrator only requires a Wi-Fi-capable interface and, as previously said, proximity to the victim. “All you have to do is allow the user discovery function in the file sharing window on your iOS or macOS device. And you can get the encrypted value by assigning the hash value to a random number using a simple process.”
What is the explanation for this? “When Airdrop links computers, it first performs a phone number-to-email address comparison. While Apple encrypts this data, the hashing technique it employs is flawed. As a result, the phone number and email address information can be determined easily by reverse engineering the hash value.” This are the reasons given by the researchers.
Darmstadt Institute of Technology found this flaw in May of this year. The researchers sent the study to Apple, but the company did not respond. “To date, there has been no straightforward response confirming that we have received an issue. We had no information that we were working on this issue. We know that there are currently over 1.5 billion Apple smartphone users worldwide, all of which are vulnerable to data breaches. The only way to be safe is to turn off airdrops.”
The researchers revealed the flaw after receiving no response from Apple. The material can be found at www.informatik.tu-darmstadt.de/fb20/ueber uns details 231616.en.jsp on the university’s website.
Airdrop is one of the methods for transferring files between Apple devices such as the iPhone, iPad, iPod, and Mac, and it is quick and simple. It was first released in 2011 with the Macintosh OS X Ryan update, and it began supporting airdrop in iOS in 2013.