Researchers at Darmstadt technical University, argue that the Protocol Apple Wireless Direct Link (AWDL) contains vulnerabilities that threaten more than 1.2 billion devices. Using these flaws, an attacker can track users, disabling the device or to intercept files transmitted between devices (attack man-in-the-middle, MitM).

Specialists Darmstadt technical University began to analyze the Protocol Apple Wireless Direct Link last year. Recall that Apple launched the AWDL in 2014, he currently plays a key role in communications between devices in the Apple ecosystem.

Many users of Microsoft products from Cupertino may not be aware of the existence of the AWDL, but it constitutes the basis of the services AirPlay and AirDrop. Apple releases all their devices (iMac, MacBook, iPhone, iPad, Applw watch, Apple TV and HomePod) Protocol-enabled AWDL.

Over the past five years since the launch of the AWDL Apple refused to publish the technical details of the Protocol. This led to the fact that researchers have not been able to analyze it for vulnerabilities.

Given the fact that the number of people using AWDL, is constantly growing, experts Darmstadt technical University in 2018 decided to subject the Protocol to a detailed analysis.

As a result, the specialists conducted reverse engineering AWDL and then rewrote it as a C-implementation called OWL (Open Wireless Link). It is possible to use OWL as a platform for testing AWDL on vulnerability to cyber attacks.

The analysis showed the presence of several problems, which threaten the security and privacy of users. For example, an attacker could mount an attack “man in the middle” in the case of file transfer using AirDrop.

The cybercriminal can not only pick up the files but to modify them, which allows them to install on the device from harmful files.

The researchers demonstrated the process of MitM attack on video, which can be found below:

Read more •••

LEAVE A REPLY

Please enter your comment!
Please enter your name here