Launched in April at the Spring Loaded event, Apple’s AirTag is attracting the attention of modders and security researchers alike. We recently saw how a YouTuber turned an AirTag into a wallet tracker and now, a security researcher has put AirTag security to the test.
First reported by The 8-bitThe German security researcher and YouTuber stacksmashing took to Twitter to share how they were able to get into the AirTag microcontroller. After this, they managed to change url when AirTag is in lost mode – the function that allows you to mark your AirTag as lost.
Under normal circumstances, AirTag will direct users to ‘found.apple.com’ when approaching an NFC compatible smartphone. However, With Stacksmashing’s modified AirTag, the tracker takes users to a modified URL. Take a look at the video demo below:
Built a quick demo: AirTag with modified NFC URL ?
(Cables used only for power) pic.twitter.com/DrMIK49Tu0
– stacking (@ghidraninja) May 8,2022
stacksmashing also demonstrated a harmless rickroll with the modified AirTag:
Be careful when scanning untrusted AirTags or this could happen to you? pic.twitter.com/LkG5GkvR48
– stacking (@ghidraninja) May 9,2022
So does this mean you need to be concerned as an AirTag owner? Not really, at least for now. While this is technically the first AirTag released, it requires physical access to the tracker. The process is not straightforward and Stacksmashing says they blocked two AirTags during this project. However, this opens up many possibilities for hackers to repurpose the AirTag for phishing attacks if you scan a modified AirTag.
It won’t be surprising if Apple manages to block these AirTags off the Find My network for the foreseeable future. The Cupertino giant may also release a software update soon to lock down the firmware and prevent these possibilities. Meanwhile, AirTag owners have also discovered a way to access Apple AirTag’s hidden developer mode.
Thanks For Reading 🙂
EAT < SLEEP < TECH< REPEAT