Apple's 'secure' AirTag network can be hijacked to report fake locations or hide stolen items from their owners.
April 14, 2026
Original Paper
A Relay a Day Keeps the AirTag Away: Practical Relay Attacks on Apple's AirTags
arXiv · 2604.10138
The Takeaway
By exploiting flaws in the Find My network's encryption design, researchers injected fake location reports that mislead the system. This breaks the fundamental security and trust assumption of one of the world's largest consumer tracking ecosystems.
From the abstract
Apple AirTags use Apple's Find My network: when nearby iDevices detect a lost tag, they anonymously forward an encrypted location report to Apple, which the tag's owner can then fetch to locate the item. That encryption protects privacy -- neither the finder nor Apple learns the owner's identity -- but it also prevents Apple from validating the correctness of received reports.We show that this design weakness can be exploited: using a relay attack, we can inject manipulated location reports so t