Using iPhones and AirTags to sneak data out of air-gapped networks

Using iPhones and AirTags to sneak data out of air-gapped networks

Someone has found an extraordinary way to exfiltrate data by piggybacking data on the backs of unsuspecting iPhones.

Say what?

A researcher has found out that it is possible to upload arbitrary data from non-internet-connected devices by sending Bluetooth Low Energy (BLE) broadcasts to nearby Apple devices that will happily upload the data for you. To demonstrate their point, they released an ESP32 firmware that turns the micro-controller into an (upload only) modem. They also created a macOS application to retrieve, decode and display the uploaded data.

How AirTags are involved

The investigation was triggered by the release of AirTags. AirTags are marketed by Apple as a super-easy way to keep track of your stuff. Basically, you attach an AirTag to your valuables and you can find out where they are using Apple’s Find My app. Unlike a GPS tracker, which requires cell service and can drain batteries quickly, AirTags rely on the popularity of Apple products. The iPhones, iPads, and Macs used by hundreds of millions of people around are nodes in a distributed “Find My” network, joined by BLE signals.

Research theory and practice

Building on previous work by TU Darmstadt, the researcher was curious whether Find My’s Offline Finding network could be (ab)used to upload arbitrary data to the Internet, from devices that are not connected to Wi-Fi or mobile internet. The data would be broadcasted via BLE and hopefully picked up by nearby Apple devices on the Find My network. Then, if those devices were later connected to the Internet, the devices could forward the data to Apple servers, from where it could be retrieved. In theory, such a technique could be used to avoid the cost and power-consumption of mobile Internet access. More interesting from our point of view, it could also be interesting for exfiltrating data!

Sometimes theoretical ideas like this get shot down by practical issues, like the bandwidth restrictions in the AirTag system, for example. But as it turned out, some security and privacy decisions in the design of the Offline Finding mechanism enabled the goal quite efficiently, and, according to the researcher, make it almost impossible to protect against.

Security through obscurity

The Apple Find My Offline Finding system is designed so that:

  • There are no secrets on the AirTag.
  • There is no access for Apple to the user’s location.
  • Tracking protection against nearby adversaries is achieved by rolling public keys

The consequence of this for the research lies in the fact that Apple does not know which public keys belong to your AirTag, and therefore which location reports were intended for you. This means that any device with an Apple ID can get location reports from any AirTag. The security solely lies in the encryption of those location reports: The location can only be decrypted with the correct private key, which is on the owner’s device.


Since there is no way for Apple to check what kind of device is sending out the signal, for the sending side the researcher chose the ESP32, as it is a very common and low-cost microcontroller. Using firmware based on the TU Darmstadt research, the device can broadcast a hardcoded default message and then listens for any new data to broadcast in a loop until a new message is received.

Designing a protocol

To make the sender and receiver understand each other took some tinkering. If you are interested in the more technical aspects, I advise you to read the researcher’s post. But the end goal to set arbitrary bits in the shared key-value store and query them, was reached. Once both the sender and receiver agree on an encoding scheme, it is possible to transfer arbitrary data.

To send properly authenticated retrieval requests the researcher used an AppleMail plugin, a trick that was also described in the German research.

Bridging the air gap

Because devices on the Find My network will cache received broadcasts until they have an Internet connection, this technique can be used to upload data from areas without mobile or Wi-Fi coverage, as long as iPhone owners pass by from time to time. The easiest to imagine use case would be uploading data from remote IoT devices without a broadband modem, SIM card, data plan or Wi-Fi connectivity, but it could also be used in sneakier ways.

In the world of high-security networks, where exotic techniques like blinking server lights and drone cameras are noteworthy techniques for bridging air gaps, visitors’ Apple devices might also be a feasible method for exfiltrating data.

Air-gapped systems where considered the holy grail of security a decade ago. An air-gapped network is one that is physically isolated and not connected to any other network. The idea was that the only way data can be transferred into or out of such a network is by physically inserting some sort of removable media, such as a USB or removable disk, or by connecting a transient device like a laptop. Since then, a lot of research has gone into methods to exfiltrate data from air-gapped networks. It seems this researcher has found another one.


As mentioned earlier, it would be hard for Apple to defend against this kind of misuse if they wanted to. Apple designed the system on the principle of data economy. They cannot read unencrypted locations and do not know which public keys belong to your AirTag, or even which public key a certain encrypted location report belongs to (as they only receive the public key’s SHA256 hash).

However, the researcher points out that hardening of the system might be possible in the following two areas:

  • Authentication of the BLE advertisement.
  • Rate limiting of the location report retrieval.

The authentication could be used to exclude anything other then an AirTag from sending data to Finder devices. The rate limiting could enforce the 16 AirTags per AppleID and make abuse to send large amounts of data a lot harder.

This technique looks more like interesting research than a pressing, real-world problem and it remains to be seen how seriously Apple treats this threat. In the meantime, the company is well aware that data exfiltration isn’t the only nefarious activity that AirTags can be repurposed for.


Pieter Arntz

Malware Intelligence Researcher

Was a Microsoft MVP in consumer security for 12 years running. Can speak four languages. Smells of rich mahogany and leather-bound books.