AirDrop could make 1.5 billion Apple devices vulnerable to hackers due to a newly discovered flaw
Apple’s AirDrop feature could allow hackers to gain personal information via your Apple device, according to security researchers in Germany.
A report from Technische Universitat Darmstadt says it has found a “significant privacy leak” in Apple’s file-sharing service. When users begin sharing files with each other using AirDrop, others with malicious intent can also tap into the data and gain access to the phone number and email of users.
Researchers say 1.5 billion Apple devices are vulnerable, and Apple has not issued a security update since the report was issued.
Researchers say they alerted Apple to the problem in May 2019 but said, “Apple has neither acknowledged the problem nor indicated that they are working on a solution.” The team added it had also offered a fix for the flaw, but have not heard back from Apple about the proposal.
Hackers would need only a Wi-Fi connection and proximity to AirDrop users to gain access to the information. The report does not make it clear how much computing power is necessary to break the current encryption on the data.
Users can protect themselves only by disabling AirDrop discovery in their system settings or by not using the sharing menu.
Apple does have an update to its iOS operating system coming soon. iOS 14.5 is expected to be released next week. It’s unclear if that update will address this vulnerability.