Spoofing an Apple device and tricking users into sharing sensitive data

White hat hackers at the recent hacking conference Def Con demonstrated how to spoof an Apple device and trick users into sharing their sensitive data.

At the recent Def Con hacking conference, white hat hackers demonstrated how to spoof an Apple device and trick users into sharing their sensitive data.

As reported by Techcrunch, attendees at the conference using iPhones started observing pop-up messages prompting them to connect their Apple ID or share a password with a nearby Apple TV.

The security researcher who goes by Jae Bochs said on Mastodon that the messages were part of their research project.

“Also to offer some reassurance: this was built with two purposes – to remind people to *really shut off* Bluetooth (I.e. not from control center) and to have a laugh.” explained Bochs.

He added that no data was collected and that he was just sending out Bluetooth low energy (BLE) advertisement packets that don’t require pairing.

Bochs used cheap equipment composed of a Raspberry Pi Zero 2 W, two antennas, a Linux-compatible Bluetooth adapter, and a portable battery.

“Bochs estimated that this combination of hardware, excluding the battery, costs around $70 and has a range of 50 feet, or 15 meters.” reported TechCrunch.

“Proximity is determined by BLE signal strength, and it seems most devices intentionally use lowered transmit power for these to keep the range short. I don’t :),” Bochs told TechCrunch.

Bochs focused on “proximity actions,” which appear on an iPhone screen when two devices are close to each other.

He created a proof-of-concept to build a custom advertisement packet that mimics BLE signal emitted by devices such as the Apple TV. Basically, he spoofed an Apple device that tries to repeatedly connect to nearby devices and triggers the pop-ups.

In a real attack scenario, upon tapping and accepting the prompts it will allow threat actors to collect some data from the packets, including phone number, Apple ID email, and current Wi-Fi network.

Even if users tap on the Bluetooth icon, their iPhones will continue to receive proximity actions.

Bochs speculate that these flaws were “certainly by design” to allow smartwatches and headphones to keep working with Bluetooth toggled and Apple won’t address them.

The expert recommends turning Bluetooth off in the device settings to protect the device.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, iPhone)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.