Using a meager $70 setup makes spoofing any Apple device possible. That’s what the researchers demonstrated at the latest Def Con. The simplest way to avoid such threats is to turn off the devices’ Bluetooth when not in use.
Apple Device Spoofing possible Via $70 Equipment
At the latest Def Con 2023, security researchers demonstrated hilariously spoofing any Apple device. While executing the activity as a prank, the researchers emphasized the need to secure devices from potential spoofing threats by adequately turning off the devices’ Bluetooth.
Initially, the attendees at the event started getting weird popups on their devices, asking them to connect to an Apple TV or share a password with a nearby device. Some popups even looked like more of a prank, asking users to update their devices or adjust the color balance.
Yet, it also seemingly bewildered some Def Con attendees, making them share warning alerts via social media.
Ultimately, the researcher Jae Bochs disclosed the matter via Mastodon, explaining that the popups were part of a project demonstrating a security issue with Apple devices.
According to his response on Mastodon, the activity demonstrated an inherent Apple glitch that an adversary could abuse maliciously. However, this activity never aimed to collect data from the attendees but to convince users to disable Bluetooth when not in use via the Settings app.
As reported, Bochs used simple $70 equipment comprising a Raspberry Pi Zero 2 W, two antennas, a Linux-compatible Bluetooth adapter, and a portable battery. Bochs could easily generate popups on nearby Bluetooth-enabled Apple devices using this hardware.
The attack could execute due to Apple’s Bluetooth Low Energy (BLE), which allows communication between nearby devices. Hence, this interaction generated popups on nearby devices.
With Bochs’ attack kit, it became possible to generate fake alerts on the devices. Though Bochs’ project didn’t aim at collecting data, an adversary could do it if the victim devices’ users interacted with the popups.
The researchers have demonstrated the attack in the following video.
Preventing BLE-Related Attacks
While Apple devices allow turning off Bluetooth via the quick-access Control Center, this method doesn’t seemingly work in the demonstrated attack scenario. Even after toggling off Bluetooth, the researcher could still trigger popups on nearby devices due to proximity.
Hence, as explained, the best way to avoid such risks is to always disable Bluetooth via the device’s Settings app when not in use.
Let us know your thoughts in the comments.
source: https://securityaffairs.com/149711/hacking/spoofing-apple-device.html