Researchers at the cybersecurity firm Oligo revealed a collection of vulnerabilities they’ve dubbed AirBorne. These flaws affect AirPlay, Apple’s proprietary Wi-Fi-based protocol that allows Apple devices like iPhones, iPads, and Macs to wirelessly send audio and video to third-party speakers, audio receivers, set-top boxes, and smart TVs.
Consequently, AirBorne bugs within Apple’s AirPlay software development kit (SDK) for third-party devices could enable hackers to hijack those gadgets if they are on the same Wi-Fi network as the attacker.
Apple has already issued patches for all its devices, urging users to update them, and has also made fixes available to third-party product manufacturers. However, not all companies are as diligent as Apple in updating their products.
Cybersecurity expert and Head of Business Product at NordPass, Karolis Arbaciauskas, comments:
“There are tens of millions of third-party AirPlay-enabled devices, and not all companies update their products as diligently as Apple. If you own such a third-party AirPlay-enabled device, the vulnerability might still exist. However, to exploit it, an attacker would first need to gain access to your home or office Wi-Fi network. Therefore, updating your router and using a strong password should keep you safe.”
“A worrying number of electronic devices ship with terrible default passwords straight from the factory, so it’s always a good idea to check and change them. Ensure your password is as random as possible, at least eight characters long, and includes a mix of random numbers and symbols. Remembering strong passwords can be challenging, but tools like password managers can safely generate, store, and share your Wi-Fi password with friends and family.
“Let’s also not forget public Wi-Fi access points. We use various devices not only at home but also in cafes, airports, arenas, and other public spaces with public Wi-Fi access. These networks are dangerous. Using AirPlay-enabled devices on public networks could grant an attacker direct access. A simple rule to protect yourself is: avoid using public Wi-Fi altogether. A better alternative is to use your smartphone to create a personal hotspot and connect your other devices to it. If that’s not possible, at least avoid unprotected Wi-Fi networks and use a VPN.”
