- Apple AirTags have been hacked by Thomas Roth.
- The researcher “Stackmashing” also posted details about the hack on Twitter.
- The AirTag’s Lost Mode could be tweaked once it’s hacked.
- Apple claimed privacy and security as the core features of the AirTags.
Apple introduced the long-awaited AirTags at the “Spring Loaded” event in April 2021. It is meant to aid users in tracking objects that otherwise have no smart features, like backpacks and keys. AirTags is designed with the same privacy and security found in Find My. No location data or location history is stored inside the device. Communication with the Find My network is end-to-end encrypted. Only the owner has access to location data and no one. Even Apple doesn’t know the identity or location of any device that helped find it.
AirTags hacked and reprogrammed by security researchers:
A security researcher has found that Apple’s AirTags can be hacked and its software can be altered. The microcontroller reveals things that can be reprogrammed to change specific functions. Apple is well known for having built high levels of security into its products, which naturally led the new AirTags to become a target for security researchers. A little over a week after shipping, it looks like some AirTags items could be changed.
German security researcher “Stack Smashing” revealed on Twitter that they were able to “break into the microcontroller” of the AirTag. Posted on Saturday and first reported by 8 bits, the tweet thread includes some details about the researcher’s exploration of the device.
After a few hours and several tags destroyed in the process, the researcher performed firmware dumps and finally found that the microcontroller could be reflashed. In short, the researcher has proven that it is possible to modify the programming of the microcontroller, to change its operation.
Apple claimed privacy and security as the core features of the AirTag:
When the AirTag is in the Lost Mode, it shows a notification when scanned by an NFC-capable smartphone. For example, a notification on an iPhone or an Android smartphone. It shows a link to the found.apple.com website (part of the Find My network) to display information about the owner.
The hackers could be able to leverage the loopholes showcased on Twitter to target those who found the lost AirTag to malicious websites, instead of displaying information about the user. However, Roth did mention in his tweets that it took hours for him to bring modifications. He also said that he bricked a couple of AirTags before reaching success.
Apple claims privacy and security as the core features of the AirTag at the time of its official announcement last month. However, the tweets posted by Roth suggest that the Cupertino company may need to bring an update to block firmware-level modification.