Launched in April at Spring Loaded event, Apple’s AirTag is getting the attention of modders and security researchers alike. We recently saw how a YouTuber turned an AirTag into a wallet tracker and now, a security researcher has put AirTag’s security to the test.
First reported by The 8-Bit, German security researcher and YouTuber stacksmashing took to Twitter to share how they were able to break into the microcontroller of the AirTag. After this, they managed to change the URL when AirTag is in lost mode – the feature that lets you mark your AirTag as lost.
In normal circumstances, AirTag will direct users to ‘found.apple.com’ when brought closer to an NFC-supported smartphone. However, with stacksmashing’s modified AirTag, the tracker takes users to a modified URL. Take a look at the video demo below:
Built a quick demo: AirTag with modified NFC URL 😎
(Cables only used for power) pic.twitter.com/DrMIK49Tu0
— stacksmashing (@ghidraninja) May 8, 2021
stacksmashing also demonstrated a harmless rickroll with the modified AirTag:
Be careful when scanning untrusted AirTags or this might happen to you😆 pic.twitter.com/LkG5GkvR48
— stacksmashing (@ghidraninja) May 9, 2021
So, does this mean you should worry as an AirTag owner? Not really, at least at the moment. While this is technically the first jailbreaked AirTag, it requires physical access to the tracker. The process is not straightforward and stacksmashing says they bricked two AirTags during this project. However, this opens up a lot of possibilities for hackers to repurpose the AirTag for phishing attacks if you scan a modified AirTag.
It won’t be surprising if Apple manages to block these AirTags out of the Find My network in the foreseeable future. The Cupertino giant may also roll out a software update soon to lock down the firmware to avoid these possibilities. Meanwhile, AirTag owners have also figured out a way to access Apple AirTag’s hidden developer mode.