0

Apple 'Find My' network can be abused to steal keylogged passwords(www.bleepingcomputer.com)

posted
by
Avatar
Lee Duna@lemmy.nz
in
Avatar
cybersecurity@infosec.pub
2 comments
hidereport
Sort:
HotTopControversialNewOld
You are viewing a single thread.
View all comments
Avatar
hemmes@lemmy.world
0 points

This is another example of very specific situations in INFOSEC. It’s unlikely that you will become a victim to this key logger attack. And of course the title suggests that Apple’s Find My network is compromised. This is not the case. But it is being utilized, in this instance, against Apple’s rules and regulations.

The real hack here is that the victim had their keyboard modified or was given a compromised keyboard that broadcasts Bluetooth signals, that are then picked up on the Find My network. It could be transmitted via Bluetooth, WiFi, audible sound, monitoring energy differentials, etc. It’s the HMI hardware that’s been compromised. Apple will likely develop updates to their Find My network, but the compromised keyboard could then be modified to use some other service or broadcast methods. Apple fixing the Find My network to recognize bad actors will not prevent this style of attack.

permalink
report
reply
Avatar
cron@feddit.de
0 points

True. It would be much easier to build a keyboard with a keylogger that uses a sim card and the cell network.

permalink
report
parent
reply

cybersecurity

!cybersecurity@infosec.pub

Create post

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

  • Be kind
  • Limit promotional activities
  • Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

Community stats

  • 149

    Monthly active users

  • 123

    Posts

  • 183

    Comments

Community moderators