The AirPlay device connected to your iPhone or Mac may be a target for hackers

Macworld

Apple’s AirPlay technology makes it easy to stream media from an Apple device to a device such as a speaker or a television. But the wireless connection that AirPlay uses has vulnerabilities that hackers can use to gain control of those devices.

Cybersecurity firm Oligo posted a report today that covers vulnerabilities it discovered in the AirPlay protocol and the AirPlay Software Development Kit. The vulnerabilities, dubbed AirBorne, have been patched in the iPhone, iPad, Mac, and other Apple devices through security updates, but third-party products that implement AirPlay likely contain the flaws since it’s up to those third parties to provide software patches for their devices. Oligo states in its report that the “number of third-party audio devices that support AirPlay can be estimated in the 10s [stet] of millions.”

To take advantage of the AirPlay vulnerabilities, the hacker must have access to the local Wi-FI network that the AirPlay devices are connected to. While that isn’t a trivial task with a home or business network, it can be if the network is a publicly shared one, such as in a coffee shop. For example, a coffee shop may put AirPlay speakers or a TV on the same network as the one open to its customers. If an AirPlay device is equipped with microphones or cameras, AirBorne can be used by a hacker to spy on users.

Airborne allows for a variety of attacks. In one video example, Oligo shows a Remote Code Execution (RCE), where a MacBook is hacked using AirBourne so that whenever the Music app is launched, an AirBourne image opens. Watch the demo below.

Oligio also states that CarPlay devices are affected by AirBorne. In the video below, AirBorne is used to gain access to a CarPlay unit and display the AirBorne image. However, because the hacker needs to able to connect to the CarPlay unit by accessing the car’s Bluetooth or USB connection, the risk is low.

How to protect yourself from AirBorne

Apple has patched the AirBorne vulnerabilities in its devices through OS updates and firmware updates for devices such as the HomePod and Apple TV. Users can update iPhones, iPads, and Macs through Software Update in System Settings. Firmware updates cannot be triggered by the user; they are usually done automatically. Apple releases security patches through OS updates, so installing them as soon as possible is important.

As for third-party AirPlay devices, it is up to the manufacturer to provide a driver update. Wired points out that the market is filled with uncertified AirPlay support, which could mean that the manufacturer may not be attentive in updating the software for its device.

Macworld has several guides to help keep your Mac secure, including a guide on whether or not you need antivirus software, a list of Mac viruses, malware, and trojans, and a comparison of Mac security software.