Millions of Apple Airplay-Enabled Devices Can Be Hacked via Wi-Fi

Below is a video of Oligo researchers, who shows air piracy technology to take over the Bose amplifier that supports AirPlay to show their company’s Airborne’s logo. (The researchers say they do not intend to get out of Bose, but they coincided with having a company speaker at hand to test.) Bose did not immediately respond to WIRED to comment.

The air portable weaknesses that Oligo also found CarPlay, which is the radio protocol used to connect to the vehicle’s dashboard facades. Oligo warns that this means that infiltrators can kidnap the computer for the car, known as its head unit, in any of more than 800 models for cars and trucks supported by CarPlay. In these car cases, though, air weak weaknesses cannot be exploited unless the infiltrator is able to pair his own devices with the head unit via Bluetooth or a USB connection, which greatly restricts the threat of the car -on -based car penetration.

In contrast, AirPlay SDK defects in home media devices may offer a more practical security vulnerability for infiltrators who seek to hide on a network, whether to install ransom programs or hidden spying, all while hiding devices that are often forgotten by consumers, consumers or the government network. “The amount of devices that were vulnerable to these issues, and this is what worries me,” says Oligo, Uri Katz researcher. “When was the last time you updated your loudspeaker?”

The researchers have originally started thinking about this property from AirPlay, and eventually discovered air weak weaknesses, while working on a different project to analyze weaknesses that can allow the attacker to access the internal services that work on a local network of a harmful web site. In this previous research, Oligo’s infiltrators found that they could defeat the baked baked protection in each web browser aimed at preventing web sites from the presence of this type of gas access to the internal networks of other people.

While playing by discovering, the researchers realized that one of the services they could reach by exploiting errors without the permission of the target systems was the broadcast. The air -to -air portable weaknesses that were unveiled today are not related to the previous work, but it is inspired by the AirPlay properties as a service designed for open sitting and ready for new contacts.

The fact that researchers have found defects in AirPlay SDK that weaknesses lie in wait for hundreds of models of devices – and perhaps more, given that some manufacturers include SDK AirPlay without Apple notification and AirPlay becomes “approved”.

“When third -party manufacturers integrate Apple techniques such as AirPlay via SDK, it is clear that Apple no longer controls the devices or patching process,” says Patrick Wardel, CEO of Apple Doubleyou. “As a result, when the weaknesses arise and third-party sellers fail to update their products immediately-or at all-it is not only exposing users, but they can also wear confidence in the broader ecosystem in Apple.”

It was updated 10 in the morning, April 29, 2024: He made it clear that the logo in the Oligo video is dedicated to Airborne, not the company itself.