Close Menu
Technology Mag

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    The oldest Fire TV devices are losing Netflix support soon

    May 24, 2025

    The Breville Oracle Jet Is Like the iPad of Home Espresso Machines

    May 24, 2025

    The Best Coffee Pod Machines for Hot and Cold Brew

    May 24, 2025
    Facebook X (Twitter) Instagram
    Subscribe
    Technology Mag
    Facebook X (Twitter) Instagram YouTube
    • Home
    • News
    • Business
    • Games
    • Gear
    • Reviews
    • Science
    • Security
    • Trending
    • Press Release
    Technology Mag
    Home » Millions of Apple Airplay-Enabled Devices Can Be Hacked via Wi-Fi
    Security

    Millions of Apple Airplay-Enabled Devices Can Be Hacked via Wi-Fi

    News RoomBy News RoomMay 1, 20253 Mins Read
    Facebook Twitter Pinterest LinkedIn Reddit WhatsApp Email

    Below is a video of the Oligo researchers demonstrating their AirBorne hacking technique to take over an AirPlay-enabled Bose speaker to show their company’s logo for AirBorne. (The researchers say they didn’t intend to single out Bose, but just happened to have one of the company’s speakers on hand for testing.) Bose did not immediately respond to WIRED’s request for comment.

    The AirBorne vulnerabilities Oligo found also affect CarPlay, the radio protocol used to connect to vehicles’ dashboard interfaces. Oligo warns that this means hackers could hijack a car’s automotive computer, known as its head unit, in any of more than 800 CarPlay-enabled car and truck models. In those car-specific cases, though, the AirBorne vulnerabilities could only be exploited if the hacker is able to pair their own device with the head unit via Bluetooth or a USB connection, which drastically restricts the threat of CarPlay-based vehicle hacking.

    The AirPlay SDK flaws in home media devices, by contrast, may present a more practical vulnerability for hackers seeking to hide on a network, whether to install ransomware or carry out stealthy espionage, all while hiding on devices that are often forgotten by both consumers and corporate or government network defenders. “The amount of devices that were vulnerable to these issues, that’s what alarms me,” says Oligo researcher Uri Katz. “When was the last time you updated your speaker?”

    The researchers originally started thinking about this property of AirPlay, and ultimately discovered the AirBorne vulnerabilities, while working on a different project analyzing vulnerabilities that could allow an attacker to access internal services running on a target’s local network from a malicious website. In that earlier research, Oligo’s hackers found they could defeat the fundamental protections baked into every web browser that are meant to prevent websites from having this type of invasive access on other people’s internal networks.

    While playing around with their discovery, the researchers realized that one of the services they could access by exploiting the bugs without authorization on a target’s systems was AirPlay. The crop of AirBorne vulnerabilities revealed today is unconnected to the previous work, but was inspired by AirPlay’s properties as a service built to sit open and at the ready for new connections.

    And the fact that the researchers found flaws in the AirPlay SDK means that vulnerabilities are lurking in hundreds of models of devices—and possibly more, given that some manufacturers incorporate the AirPlay SDK without notifying Apple and becoming “certified” AirPlay devices.

    “When third-party manufacturers integrate Apple technologies like AirPlay via an SDK, obviously Apple no longer has direct control over the hardware or the patching process,” says Patrick Wardle, CEO of the Apple device-focused security firm DoubleYou. “As a result, when vulnerabilities arise and third-party vendors fail to update their products promptly—or at all—it not only puts users at risk but could also erode trust in the broader Apple ecosystem.”

    Updated 10 am ET, April 29, 2024: Clarified that the logo in Oligo’s video is for AirBorne, not the company itself.

    Share. Facebook Twitter Pinterest LinkedIn WhatsApp Reddit Email
    Previous ArticleGet an Extra 25% Off With Our Adidas Promo Codes and Deals
    Next Article EcoFlow Wave 3 review: a portable A/C and heater that’s better in every way

    Related Posts

    Mysterious Database of 184 Million Records Exposes Vast Array of Login Credentials

    May 24, 2025

    3 Teens Almost Got Away With Murder. Then Police Found Their Google Searches

    May 22, 2025

    Authorities Carry Out Elaborate Global Takedown of Infostealer Heavily Used by Cybercriminals

    May 22, 2025

    We Made Luigi Mangione’s 3D-Printed Gun—and Fired It

    May 21, 2025

    Who Even Is a Criminal Now?

    May 20, 2025

    The Internet’s Biggest-Ever Black Market Just Shut Down Amid a Telegram Purge

    May 19, 2025
    Our Picks

    The Breville Oracle Jet Is Like the iPad of Home Espresso Machines

    May 24, 2025

    The Best Coffee Pod Machines for Hot and Cold Brew

    May 24, 2025

    Whoop is reportedly replacing defective MG trackers

    May 24, 2025

    Our Favorite Computer Monitors for PC Gaming

    May 24, 2025
    • Facebook
    • Twitter
    • Pinterest
    • Instagram
    • YouTube
    • Vimeo
    Don't Miss
    News

    Twelve South’s slick 3-in-1 charging stand has dropped to a new low price

    By News RoomMay 24, 2025

    Memorial Day marks the unofficial start of summer, and if you somehow managed to skip…

    Fujifilm’s X Half, a New OnePlus Tablet, and Fender’s GarageBand Rival—Your Gear News of the Week

    May 24, 2025

    X is down

    May 24, 2025

    15 Best Memorial Day Tech Deals

    May 24, 2025
    Facebook X (Twitter) Instagram Pinterest
    • Privacy Policy
    • Terms of use
    • Advertise
    • Contact
    © 2025 Technology Mag. All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.