A major security issue has been found that could let hackers take control of millions of Apple devices using AirPlay and CarPlay, all through Wi-Fi. This flaw affects Apple’s Wireless Direct Link (AWDL) protocol, which is the base for services like AirDrop, AirPlay, and Sidecar.
Researchers from TU Darmstadt in Germany discovered that devices using these features are open to attack when Wi-Fi is turned on, even if users aren’t actively using AirPlay or CarPlay. This means a hacker nearby could exploit the flaw and possibly access or take control of your device.
Worryingly, this issue doesn’t just affect iPhones. It also targets iPads, Macs, Apple TVs, and even HomePods. Once a hacker breaks in, they could do things like steal data, mess with apps, or even spy on the screen or audio shared through AirPlay or CarPlay.
What’s worse is that the attack doesn’t require the hacker to be on the same network. They only need to be within Wi-Fi range. And since the protocol runs in the background, users likely won’t know anything’s wrong.
The researchers shared their findings with Apple in 2023. While Apple has made some security updates since then, not all risks have been fixed. Experts recommend turning off Wi-Fi when not in use and avoiding AirPlay or CarPlay in public areas to stay safe.