{"id":40860,"date":"2021-05-13T14:25:22","date_gmt":"2021-05-13T14:25:22","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/32283\/Hacker-Manipulates-Apples-Find-My-Network-For-Data-Exfiltration.html"},"modified":"2021-05-13T14:25:22","modified_gmt":"2021-05-13T14:25:22","slug":"hacker-manipulates-apples-find-my-network-for-data-exfiltration","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\/","title":{"rendered":"Hacker Manipulates Apple&#8217;s Find My Network For Data Exfiltration"},"content":{"rendered":"<p>Apple&#8217;s Find My network, used to locate iOS and macOS devices \u2013 and more recently AirTags <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2021\/04\/08\/apple_extends_find_my_support\/\" rel=\"noopener noreferrer\">and other<\/a> kit \u2013 also turns out to be a potential espionage tool.<\/p>\n<p>In short, it&#8217;s possible to use passing Apple devices to sneak out portions of information from one place to another, such as a computer on the other side of the world, over the air without any other network connectivity.<\/p>\n<p>Fabian Br\u00e4unlein, co-founder of Positive Security, devised a way to send a limited amount of arbitrary data to Apple&#8217;s iCloud servers from devices without an internet connection using Bluetooth Low Energy (BLE) broadcasts and a microcontroller programmed to function as a modem. That data can then be retrieved from the cloud by a Mac application. In a <a href=\"https:\/\/positive.security\/blog\/send-my\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">blog post<\/a> on Wednesday, he dubbed his proof-of-concept service <a href=\"https:\/\/github.com\/positive-security\/send-my\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Send My<\/a>.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,leaderboard,mpu,\" data-lg=\",fluid,leaderboard,\" data-xlg=\",fluid,superleaderboard,billboard,leaderboard,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener noreferrer\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener noreferrer\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener noreferrer\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>Apple&#8217;s Find My network, when enabled in Apple devices, functions as a crowdsourced location-tracking system. Participating devices broadcast over BLE to other nearby attentive Apple devices, which in turn relay data back over their network connection to Cupertino&#8217;s servers. Authorized device owners can then get location reports on enrolled hardware through the company&#8217;s iCloud-based Find My iPhone or iOS\/macOS Find My app.<\/p>\n<p>Back in March, researchers with Technical University of Darmstadt in Germany \u2013 Alexander Heinrich, Milan Stute, Tim Kornhuber, and Matthias Hollick \u2013 published an analysis of the security and privacy of Apple&#8217;s Find My network [<a href=\"https:\/\/arxiv.org\/pdf\/2103.02282.pdf\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">PDF<\/a>], uncovering a few issues along the way. Br\u00e4unlein said their work developing a tool called <a href=\"https:\/\/github.com\/seemoo-lab\/openhaystack\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">OpenHaystack<\/a>, for creating one&#8217;s own Find My trackable items, made his Send My research possible.<\/p>\n<p>Br\u00e4unlein said his goal was to see whether the Find My network could be abused to carry arbitrary data from devices without an internet connection.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,leaderboard,mpu,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener noreferrer\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>&#8220;Such a technique could be employed by small sensors in uncontrolled environments to avoid the cost and power-consumption of mobile internet,&#8221; he explains. &#8220;It could also be interesting for exfiltrating data from Faraday-shielded sites that are occasionally visited by iPhone users.&#8221;<\/p>\n<p>He also theorizes that his technique could be used to deplete mobile users&#8217; data plans because he didn&#8217;t encounter any rate limiting mechanism for the number of location reports devices can send over the Find My network. Broadcasting a large number of unique public encryption keys as part of the Find My protocol would increase the amount of mobile traffic sent, with each report being more than 100 bytes.<\/p>\n<p>However, ads on websites and streaming data seem like far greater data consumers and battery life killers if that&#8217;s the goal.<\/p>\n<h3 class=\"crosshead\"> <span>Software in a haystack<\/span><br \/>\n<\/h3>\n<p>For his data exfiltration scheme, Br\u00e4unlein employed an ESP32 microcontroller running OpenHaystack-based firmware to broadcast a hardcoded default message and to listen on its serial interface for new data. Nearby Apple devices with Find My broadcasting enabled will pick up these signals and relay them to Apple&#8217;s servers.<\/p>\n<p>Fetching the data from a macOS device requires using an Apple Mail plugin that runs with elevated privileges, in order to satisfy Apple&#8217;s authentication requirements for accessing location data. The user must also install OpenHaystack and run DataFetcher, a macOS app created by Br\u00e4unlein to view the unsanctioned transmission.<\/p>\n<p>Send My is not exactly a high-speed attack. With the microcontroller sending at ~3\/bytes per second and retrieving 16 bytes taking ~5 seconds, not to mention latency ranging from 1 to 60 minutes depending on the number of nearby devices, there are certainly faster data transmission side channels.<\/p>\n<p>Nonetheless, it&#8217;s not inconceivable that a sophisticated adversary could find a use for Send My.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener noreferrer\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Asked about the plausibility of conducting a real attack that involves reprogramming an existing microcontroller to transmit BLE beacons, Br\u00e4unlein in an email to <i>The Register<\/i> said, &#8220;This is quite a long attack chain, but the same [as] Stuxnet. I think the biggest hurdle would be finding a device with a Bluetooth modem in such a network.&#8221;<\/p>\n<p>&#8220;If there were any consumer-grade IoT devices, their compromise would probably be the lowest hurdle,&#8221; he said. &#8220;However when malware is installed e.g. via dropped USB sticks, the USB sticks could already include the Bluetooth microcontroller.&#8221;<\/p>\n<p>Br\u00e4unlein said Send My essentially creates <a href=\"https:\/\/www.amazon.com\/Amazon-Sidewalk\/b?node=21328123011\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Amazon Sidewalk<\/a> \u2013 Amazon&#8217;s network for IoT devices \u2013 out of Apple&#8217;s network infrastructure. It&#8217;s not a new threat, he said, pointing to existing global mobile and satellite networks that can be used to carry data. But in scenarios like intentionally shielded sites where those networks aren&#8217;t accessible, Send My might prove useful.<\/p>\n<p>Because Apple designed Find My with privacy in mind \u2013 the network aspires to keep finders anonymous, to prevent the tracking of owner devices, and to maintain the confidentiality of location reports \u2013 Br\u00e4unlein believes it will be difficult for Apple to protect against this sort of abuse.<\/p>\n<p>Meanwhile, other security researchers are testing the limits of Apple&#8217;s privacy protections in other ways. Security firm Intego on Tuesday demonstrated that AirTags have <a href=\"https:\/\/www.intego.com\/mac-security-blog\/i-mailed-an-airtag-and-tracked-its-progress-heres-what-happened\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">some potential as covert tracking devices<\/a>, despite Apple&#8217;s efforts to preclude this possibility. And German security researcher <a href=\"https:\/\/twitter.com\/ghidraninja\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">stacksmashing<\/a> has managed to <a href=\"https:\/\/www.youtube.com\/watch?v=_E0PWQvW-14\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">hack and reflash AirTags<\/a>.<\/p>\n<p>Apple, seldom chatty about anything and particularly tight-lipped on matters of security, did not respond to a request for comment. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/32283\/Hacker-Manipulates-Apples-Find-My-Network-For-Data-Exfiltration.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[9369],"class_list":["post-40860","post","type-post","status-publish","format-standard","hentry","category-cybersecurity-blogs","tag-headlinehackerdata-lossflawapple"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Hacker Manipulates Apple&#039;s Find My Network For Data Exfiltration 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Hacker Manipulates Apple&#039;s Find My Network For Data Exfiltration 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-05-13T14:25:22+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Hacker Manipulates Apple&#8217;s Find My Network For Data Exfiltration\",\"datePublished\":\"2021-05-13T14:25:22+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\\\/\"},\"wordCount\":882,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"keywords\":[\"headline,hacker,data loss,flaw,apple\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\\\/\",\"name\":\"Hacker Manipulates Apple's Find My Network For Data Exfiltration 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2021-05-13T14:25:22+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,data loss,flaw,apple\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackerdata-lossflawapple\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Hacker Manipulates Apple&#8217;s Find My Network For Data Exfiltration\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hacker Manipulates Apple's Find My Network For Data Exfiltration 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\/","og_locale":"en_US","og_type":"article","og_title":"Hacker Manipulates Apple's Find My Network For Data Exfiltration 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-05-13T14:25:22+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Hacker Manipulates Apple&#8217;s Find My Network For Data Exfiltration","datePublished":"2021-05-13T14:25:22+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\/"},"wordCount":882,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","keywords":["headline,hacker,data loss,flaw,apple"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\/","url":"https:\/\/www.threatshub.org\/blog\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\/","name":"Hacker Manipulates Apple's Find My Network For Data Exfiltration 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2021-05-13T14:25:22+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2YJ15wKnTh2SaANJu6zooDwAAANA&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/hacker-manipulates-apples-find-my-network-for-data-exfiltration\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,data loss,flaw,apple","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackerdata-lossflawapple\/"},{"@type":"ListItem","position":3,"name":"Hacker Manipulates Apple&#8217;s Find My Network For Data Exfiltration"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/40860","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=40860"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/40860\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=40860"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=40860"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=40860"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}