Adamya Sharma / Android Authority
TL;DR
New security flaws in AirDrop and Quick Share affect more than five billion Apple and Android devices.
A hacker within 30 meters can exploit the bugs, without requiring a phishing link, Wi-Fi access, or physical contact.
Researchers say both file-sharing systems prioritize seamless transfers, exposing background services before verifying who’s sending the request.
Sharing a photo or document with a nearby phone has become second nature, but new security research suggests that the convenience behind AirDrop and Quick Share has a much larger attack surface than many realize.
A new wave of vulnerabilities in Apple’s AirDrop and Android’s Quick Share puts well over five billion active devices at risk. A bad actor doesn’t need to touch your phone, send you a phishing link, or share your Wi-Fi network — they just need to be within 30 meters of you with a laptop, researchers at the CISPA Helmholtz Center for Information Security have found (via Help Net Security). The team took apart both of the ecosystems to see how they deal with wireless file transfers. These features run as highly privileged services in the background that wake up the second another device comes near, because they prioritize a seamless experience.
On the Apple side, the attack targets a background daemon that controls AirDrop, AirPlay, Handoff, Universal Clipboard, and Continuity Camera. All it takes is one malformed request to crash the entire system. If an attacker loops that request every few seconds, they essentially hold your Apple ecosystem hostage, keeping those features permanently offline.
Quick Share doesn’t fare any better. Researchers tested a Samsung Galaxy S23 Ultra and Google’s Windows client, discovering logic flaws that allowed attackers to completely bypass critical authentication steps. They even found a memory corruption bug on the Windows side. Researchers found that even though Apple and Google shared pretty much zero code, both of them fell into the same trap: sacrificing security for convenience by exposing complex background processes before the identity of the sender could be verified.
It should be noted that the issue is not a data theft situation. Attackers don’t just quietly steal private photos from your device. For the average user, it’s mostly a giant denial-of-service nuisance. However, if you’re constantly transferring files using AirDrop or Quick Share, having someone hijack your connection state can be quite frustrating.
Fixes are already starting to trickle down. Apple has fixed one of the three AirDrop bugs in a recent update, and Google already has a fix out for its Windows client. Fixes for the rest of the issues, including the Samsung bypasses, are still under development or under coordinated disclosure.