Chinese hackers claim to have found a way to crack Apple AirDrop and find out email addresses, phone numbers

Image Credit: Geralt / Pixabay (Image credit: Geralt / Pixabay)

Chinese state-sponsored researchers claim to have found a way to extract sensitive information from people using Apple’s AirDrop feature.

A Bloomberg report covered how China's Beijing Wangshendongjian Judicial Appraisal Institute reportedly found a way to read phone numbers, email addresses, and device names of AirDrop users, via device logs. 

The researchers began their work investigation after someone allegedly used AirDrop to share “inappropriate” comments in the Beijing subway, but concerns around privacy have already been raised.

Rainbow tables

"After preliminary investigation, the police found that the suspect used the AirDrop function of the iPhone to anonymously spread the inappropriate information in public places," the publication cites an announcement by the Chinese government. "Due to the anonymity and difficulty of tracking AirDrop, some netizens have begun to imitate this behavior. Therefore, it is necessary to find the sending source and determine its identity as soon as possible to avoid negative impacts."

The researchers claim to have used rainbow tables to dehash iOS logs and read the information stored there. The data was later shared with the authorities, who apparently used it to "identify multiple suspects involved in the case."

Due to the Chinese government’s strict grip on the internet and digital communication, many citizens turned to AirDrop to share content privately and away from the eyes of the government. BleepingComputer says the AirDrop feature was used during the 2019 protests in Hong Kong, and later in 2022, as well. 

AirDrop is an iOS feature that allows users to share images and photos via Bluetooth and private Wi-Fi networks, and without the need for a cellular connection.

Some time later, Apple released iOS version 16.1.1 which introduced a 10-minute time cap on receiving AirDropped content from “everyone”. The feature was first introduced in China, prompting a backlash, with many people arguing Apple was conforming the Chinese government. The feature was later added to iOS devices all across the planet. 

Via BleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.