Apples AirTag can be hacked and its software modified, a security researcher found out. When examining the microcontroller, revealing elements can be reprogrammed to change the way certain functions work.
Apple is known for offering a high level of security to its products. This, of course, has resulted in the new AirTags becoming a target for security researchers. Just over a week after it was shipped, it seems that some AirTag items can be changed.
German security researcher “Stack Smashing” uncovered on Twitter that they were able to “break into” the AirTag’s microcontroller. Posted on Saturday and first reported by The 8-bitThe tweet thread has some details about the researcher’s research into the device.
After a few hours and the destruction of several tags in the process, the researcher created firmware dumps and finally found that the microcontroller could be restarted. In short, the researcher has proven that it is possible to change the programming of the microcontroller and change the way it works.
A first demonstration showed an AirTag with a modified NFC URL that displays a custom URL instead of the usual “found.apple.com” link when scanning with an iPhone.
Even in its early days, research shows that hacking AirTag takes a lot of know-how and effort. During a demonstration video, the modified AirTag is shown attached to cables that are claimed to only provide power to the device.
It is plausible that similar techniques could be used for malicious purposes, although it is unclear exactly how far they can be pushed at this point.
Given that AirTag relies on security Find mine In order for lost mode to work, it is likely that Apple will introduce some form of server-side defense against maliciously modified versions.
Since its inception, a hidden debug mode was found in AirTag and provides developers with significantly more information than users would normally need about the device’s hardware.