Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

A cheap Bluetooth transmitter can spoof some iPhone notifications

This cheap device can spoof an Apple TV

At Def Con 2023, some attendees were shown in real-time how a relatively cheap device leveraging Bluetooth flaws can force bogus notifications and potentially get the user to surrender sensitive data.

Walking around a conference dedicated to hacking devices and software typically means seeing all sorts of real world attacks, albeit in a specialized setting. And as some attendees discovered this year, it can also mean personal data is potentially up for grabs at any given moment.

Take, for example, a research project put together by Jae Bochs shows just how easy it is to take advantage of Apple's own utilization of Bluetooth Low Energy, or BLE, to try and nab a user's information. Bochs's project had a couple of purposes, the first being to remind folks that simply using Control Center to disable Bluetooth doesn't actually get the job done.

The second was to simply have a laugh as Bochs walked around the conference, stood in lines, and visited vendors. They did try to remember to turn their device off if they stopped to have a chat with someone, though, according to TechCrunch.

The device is a combination of several elements, like a Raspberry Pi Zero 2 W, a Linux-compatible Bluetooth adapter, a couple of antennas, and an external battery. All told, Bochs says it costs around $70, which means a relatively inexpensive device can quickly cause some specific havoc on Apple devices within 50 feet.

It comes down to communication between devices, which at this point Apple relies heavily on for its ecosystem. By tapping BLE, devices like iPhones can talk to one another when they get within a set range, which can then prompt "proximity actions."

The device causes these actions, so as Bochs walked around the conference he was able to send a prompt to nearby iPhones asking them to auto-fill their password into a nearby Apple TV. Despite the fact there wasn't an Apple TV near them.

Luckily, Bochs's device wasn't built to attain any personal information, even if someone did tap on the prompt and insert their password for some reason. However, he does say there is a possibility where that could happen.

"If a user were to interact with the prompts, and if the other end was set up to respond convincingly, I think you could get the victim' to transfer a password. There's an issue known for a few years where you can retrieve phone number, Apple ID email, and current Wi-Fi network from the packets."

Apple is aware of the issue, and has been since 2019. However, Bochs does not expect the company to do anything about it because so little information can be shared through this process, and it's an integral feature to the Apple ecosystem as a whole.

Bochs does suggest Apple could offer a better prompt for users, letting them know what's happening when they tap the Bluetooth icon in Control Center.

How to protect yourself from this kind of attack

This is all about situational awareness. Bluetooth isn't known for being particularly great for security purposes, but in this particular situation it comes down to knowing your environment.

As Bochs notes, this particular moment is for the laughs, because it's an Apple TV prompting for a password at a hacker convention. It's obviously not any one person's personal Apple TV, so if you see this or similar while out, obviously don't input your password.

However, out in the real world a similar prompt could pop up, which means the individual needs to be aware what personal devices are being carried, like an AirTag or pair of AirPods Pro. If a random device starts prompting you for a password, the safe bet is to ignore it entirely, especially if you don't recognize it.

As a reminder, the only way to fully disable Bluetooth or Wi-Fi is to do so in the Settings app.



7 Comments

mayfly 1 Year · 385 comments

Your best defense against a shark attack: Stay outta the damn water!
Your best defense against hacking: same!

auxio 19 Years · 2766 comments

mayfly said:
Your best defense against a shark attack: Stay outta the damn water!
Your best defense against hacking: same!

Short of turning off all the antennas on your phone (rendering it useless), it's not an option to stay out of the water. Your phone is always connected to the internet and prone to attacks. This particular one requires close proximity due to use of Bluetooth, but not all do.

Best defence is to keep your phone updated and not give out personal information unless you're sure about who's asking for it (common sense).

baconstang 10 Years · 1160 comments

Since I don't use ear buds, it's easy for me to keep BT off unless I need it, which isn't very often.

FileMakerFeller 6 Years · 1561 comments

Walking around a conference dedicated to hacking devices and software typically means seeing all sorts of real world attacks, albeit in a specialized setting. And as some attendees discovered this year, it can also mean personal data is potentially up for grabs at any given moment.

Given the nature of surveillance capitalism, you don't have to be attending a hacker conference for your personal data to be obtained without your knowledge by a nefarious adversary - it's already happened.

greg.edwards69 2 Years · 15 comments

I wonder how many iPhone-toting attendees at such a conference were also wearing an Apple Watch? Disabling Bluetooth "breaks" a number of features, if the watch isn't connected to wifi.