Apple's AirTag can be hacked and its software modified, as a security researcher has now discovered. An investigation into the microcontroller has shown that elements can be reprogrammed to change certain functions.
Apple is known for building a high level of security into its products and this has naturally led to the new AirTags becoming a target for security researchers. Now it is clear that some AirTag elements can be modified. German security researcher "Stack Smashing" revealed on Twitter that he managed to "break into the microcontroller" of the AirTag. The hack, posted on Saturday and first reported by The 8-Bit discovered Tweet contains some details about the device. After spending several hours and destroying several tags in the process, the researcher made firmware dumps and finally discovered that the microcontroller could be reflashed. In short, the researcher proved that it was possible to change the microcontroller's programming to change how it works. An initial demonstration showed an AirTag with a modified NFC URL that, when scanned with an iPhone, displays a custom URL instead of the usual "found.apple.com" link.
AirTag relies on secure "Find My" network
Although the investigations are only in their early stages, they show that it takes a lot of know-how and effort to hack the AirTag in the first place. In a demonstration video, the modified AirTag is shown attached to cables that claim to only provide power to the device. It's plausible that similar techniques could be used for malicious purposes, although at this point it's unclear how far one can push it. Given that AirTag relies on the secure Find My network for Lost Mode to work, it seems likely that Apple would introduce some form of server-side defense against malicious modified versions. Just recently, a hidden debug mode was found in AirTag that gives developers significantly more information about the device's hardware than users would normally need, more on that below. (Image via Twitter @ghidraninja)
