12

News

01/2024: Chinese Forensic Institute Exploits AirDrop Vulnerabilities to Identify Senders of “Inappropriate Information”

A forensic institute in Beijing and international media (e.g., Bloomberg, CNN, and Ars Technica) report that AirDrop vulnerabilities are actively exploited in China to identify senders of “inappropriate information”. Fundamentally, these attacks exploit Apple’s insecure use of hash functions for “obfuscating” contact identifiers in the AirDrop protocol execution - a major privacy risk that we reported to Apple already in 2019. In more detail, the Chinese forensic experts extract hash values of the senders’ contact identifiers that are retained in log files on the receiver devices. Then, they apply hash reversal attacks based on rainbow tables (as proposed in our proof of concept) to efficiently obtain the contact identifiers in the clear.