AirTag Hack Replaces URL for Lost Mode

May. 10, 2021

Launched in Aprilat Spring Loaded event, Apple’s AirTag is getting the attention of modders and security researchers alike. We recently saw how aYouTuber turned an AirTag into a wallet trackerand now, a security researcher has put AirTag’s security to the test.

First reported byThe 8-Bit, German security researcher and YouTuber stacksmashing took to Twitter to share how they were able to break into the microcontroller of the AirTag. After this, theymanaged to change the URL whenAirTag is in lost mode– the feature that lets you mark your AirTag as lost.

In normal circumstances, AirTag will direct users to ‘found.apple.com’ when brought closer to an NFC-supported smartphone. However,with stacksmashing’s modified AirTag, the tracker takes users to a modified URL.Take a look at the video demo below:

stacksmashing also demonstrated a harmless rickroll with the modified AirTag:

So, does this mean you should worry as an AirTag owner? Not really, at least at the moment. While this is technically the first jailbreaked AirTag, it requires physical access to the tracker. The process is not straightforward and stacksmashing says they bricked two AirTags during this project. However, this opens up a lot of possibilities for hackers to repurpose the AirTag for phishing attacks if you scan a modified AirTag.

It won’t be surprising if Apple manages to block these AirTags out of the Find My network in the foreseeable future. The Cupertino giant may also roll out a software update soon to lock down the firmware to avoid these possibilities. Meanwhile, AirTag owners have also figured out a way toaccess Apple AirTag’s hidden developer mode.

Subin writes about consumer tech, software, and security. He secretly misses the headphone jack while pretending he’s better off with the wireless freedom.