
AirTag is cracked: the microcontroller can be reprogrammed to change specific functions

A security researcher has discovered that Apple’s AirTag can be cracked. Hackers can not only modify the system firmware, but also dig further into the microcontroller and reprogram elements to change what specific functions do. Apple’s products are known for a high level of security, which naturally made the new AirTag a target for security researchers. Just over a week after it shipped, it appears that some AirTag elements can be modified.

German security researcher Stack Smashing revealed on Twitter that he was able to “break into” the AirTag’s microcontroller. After several hours of work, and after damaging multiple AirTags in the process, the researcher made a firmware dump and found that the microcontroller could be re-flashed. In short, the researcher proved that it is possible to change the programming of the microcontroller to change its function.

The preliminary demonstration shows an AirTag with a modified NFC URL. When scanned with an iPhone, it displays a customized URL instead of the usual “found.apple.com” link. The work is still at an early stage, and the research shows that considerable technical skill and effort are needed to break into an AirTag in the first place. In a demo video, the modified AirTag is shown connected to cables, which are said to only provide power to the device.
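As an added example (not code from the article or from the researcher), here is how a scanning app or test harness could parse the URL from an NFC tag read and accept it only when the host is exactly the “found.apple.com” named above. It assumes the tag data is a standard NDEF message with a URI record and that the expected link uses https; the function names and sample bytes are constructed for illustration.

```python
from urllib.parse import urlsplit

# URI identifier codes from the NFC Forum URI record definition (subset).
URI_PREFIXES = {0x00: "", 0x01: "http://www.", 0x02: "https://www.",
                0x03: "http://", 0x04: "https://"}
EXPECTED_HOST = "found.apple.com"  # host named in the article


def parse_ndef_uri(message: bytes) -> str:
    """Return the URI of the first URI record; raises on malformed input."""
    pos = 0
    while pos < len(message):
        header, type_len = message[pos], message[pos + 1]
        pos += 2
        len_size = 1 if header & 0x10 else 4      # SR flag: short record
        payload_len = int.from_bytes(message[pos:pos + len_size], "big")
        pos += len_size
        has_id = (header >> 3) & 1                # IL flag: ID length present
        id_len = message[pos] if has_id else 0
        pos += has_id
        rec_type = message[pos:pos + type_len]
        pos += type_len + id_len
        payload = message[pos:pos + payload_len]
        pos += payload_len
        if len(payload) != payload_len:
            raise ValueError("truncated NDEF record")
        if (header & 0x07) == 1 and rec_type == b"U" and payload:  # URI record
            return URI_PREFIXES[payload[0]] + payload[1:].decode("utf-8")
        if header & 0x40:                         # ME flag: last record
            break
    raise ValueError("no URI record found")


def is_expected_airtag_url(message: bytes) -> bool:
    """True only for an https URL whose host is exactly EXPECTED_HOST."""
    try:
        parts = urlsplit(parse_ndef_uri(message))
    except (ValueError, LookupError):   # malformed record or unknown prefix
        return False
    return parts.scheme == "https" and parts.hostname == EXPECTED_HOST


def uri_record(code: int, rest: str) -> bytes:  # builds constructed samples
    payload = bytes([code]) + rest.encode()
    return bytes([0xD1, 0x01, len(payload)]) + b"U" + payload


# Constructed samples, not read from a real tag.
STOCK = uri_record(0x04, "found.apple.com/")
MODIFIED = uri_record(0x04, "found.apple.com.tag.example/")
```

Comparing the parsed hostname for exact equality, rather than searching the URL string for “found.apple.com”, is what makes the look-alike host in `MODIFIED` fail the check.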

It is foreseeable that similar techniques could be used for malicious purposes in the future, but it is not yet clear how far the AirTag can be cracked, or how much the cost of cracking it can be reduced. Given that AirTag relies on the secure Find My network for its Lost Mode function, it seems likely that Apple will introduce some form of server-side defense against maliciously modified versions.