The Apple AirTag search beacon went on sale at the end of last month, and since then, users have been doing various experiments with this gadget.Ā However, the greatest interest is not associated with the fact that it can be embedded somewhere or discreetly planted for surveillance.Ā It turns out that AirTag can be hacked, as demonstrated by the German security researcher stacksmashing.
On his Twitter, the expert wrote that he was able to reflash the beacon microcontroller, and this allowed changing the URL that appears in the notification in the tag loss mode.
Thus, when scanning a hacked AirTag on a smartphone, a fake link is displayed, which does not lead to the Apple service page for finding lost devices Find My, but to another site.Ā This opportunity can be used by phishing attackers.
Built a quick demo: AirTag with modified NFC URL
(Cables only used for power)Ā pic.twitter.com/DrMIK49Tu0
– stacksmashing (@ghidraninja)Ā May 8, 2021
It is worth noting that it is still possible to hack AirTag only with the help of changes in the microcontroller program, for which it is necessary to have physical access to the beacon.Ā The search system itself does not contain any vulnerabilities.Ā Perhaps Apple will pay attention to this and implement some kind of protective mechanism to prevent the modified AirTag from accessing the Find My network.