Hot topics

Apple AirPlay Bugs Expose Devices to Hacking—How to Protect Yourself

NextPit Apple HomePod 2 2
© nextpit

Apple's AirPlay is a convenient feature in iPhones and other Apple products, enabling seamless connection with other media devices for easy mirroring or casting. However, the underlying protocol could also serve as an entry point for hackers to infiltrate and gain access to your device. Several vulnerabilities in AirPlay have been discovered, potentially putting millions of Apple and third-party devices at risk.

This week, security firm Oligo published findings on a set of AirPlay vulnerabilities dubbed AirBorne, including significant exploits and attacks such as zero-click Remote Code Execution (RCE) and one-click RCE.

Apple and Third-Party AirPlay Devices at Risk

These bugs affect the AirPlay Software Development Kit (SDK), which is used by developers and manufacturers. Consequently, attackers could exploit these vulnerabilities as backdoors to hack and execute malicious code on third-party AirPlay-enabled devices, including smart speakers, smart TVs, dongles, and even car consoles or head units with CarPlay. This potentially exposes tens of millions of devices.

Once access is gained or a device is compromised, hackers could remotely control it, such as enabling the microphone to eavesdrop on individuals or using it to coordinate network-based cyberattacks. So far, the firm has demonstrated two exploits through wormable zero-click RCE vulnerabilities to hack a Bose speaker.

However, the firm further details that attackers can only leverage these vulnerabilities if the targeted hardware is within the same Wi-Fi network, which reduces the threat for devices connected to secure networks.

In addition to non-Apple AirPlay products, these bugs reportedly affect Apple hardware such as iPhones, iPads, Macs/MacBooks, and HomePods, especially if users have modified the AirPlay settings on their devices. To address user concerns, Apple has confirmed that it patched these software bugs via updates several months ago.

This leaves third-party devices more vulnerable to hacking, as many of them rarely receive updates. Even worse, some speakers and TVs may never receive any updates throughout their lifespan.

How to Protect Your Device from Hacking via the AirPlay Bug

If a software update or patch is not available for your third-party AirPlay devices, there are effective measures users can take to mitigate these hacks or protect their devices. The most prominent way is to avoid connecting to public or free Wi-Fi networks and only use trusted WLANs. It is also recommended to use strong security levels and complex passwords when setting up your Wi-Fi network. Additionally, turning off the AirPlay feature when it is not in use can also block potential access for hackers.

As simple as it sounds, these measures, along with other general security practices such as turning off your devices once a week, can help safeguard against various attacks and hacks.

Do you have an AirPlay-ready device at home? What steps do you take to keep your network safe? We'd like to hear your suggestions in the comments.

Source: Oligo

 The best smartphones under $400

  Editorial tip Price tip 3rd place 4th place 5th place
Product
Image Google Pixel 6a Product Image Apple iPhone SE (2022) Product Image Samsung Galaxy A53 Product Image OnePlus Nord N20 Product Image Motorola Moto G Stylus 5G (2023) Product Image
Review
Review: Google Pixel 6a
Review: Apple iPhone SE (2022)
Review: Samsung Galaxy A53
Not yet tested
Not yet tested
Price (MSRP)
  • $449.00
  • $429.00
  • $449.99
  • $299.00
  • $399.00
Offer*
Go to comment (0)
Jade Bryan

Jade Bryan
Junior Editor

I still remember how amazed I was when I first got hold of the Nokia 3210 back when I was a kid, and it was during that time I developed my love for technology, particularly for mobile phones. I started sharing my knowledge through writing in different blogs and forums back in Nokia Nseries era. I even make videos before where I put different phones side-by-side. Today, I'm still an avid enthusiast of smartphones, but my interests have evolved into smart devices and electric vehicles.

To the author profile
Liked this article? Share now!
Recommended articles
Latest articles
Push notification Next article
No comments
Write new comment:
All changes will be saved. No drafts are saved when editing
Write new comment:
All changes will be saved. No drafts are saved when editing