Apple AirTag Was Hacked and Successfully Reprogrammed at Will

  • A researcher managed to break in the Apple AirTag firmware and change the code.
  • In one example, the researcher shows a notification generated by the modified AirTag, displaying a URL under his control.
  • There’s a possibility for more malicious potential, but Apple should step in to fix the issue before it gets out of hand.

A German researcher has finally managed to break into the Apple AirTag microcontroller and then proceeded to reflash it with modified firmware. What this means is that the researcher found a working method to make the device run any code, as long as it is supported by its admittedly weak yet theoretically capable hardware.

The researcher tried hard, bricked two devices, and eventually did it. In a demonstration of this success, the researcher shows the modification of the URL included on notifications generated when the AirTag is put in “Lost” mode, adding his own website on the pop up instead of the “default” Apple site. Of course, that’s only an example, and one could do way more dangerous things than displaying an innocuous site.

Some people immediately wondered if the speaker, 32MB of memory, and the accelerometer available in an AirTag can be used to turn the device into a covert audio recorder. Recording sound by using accelerometers is possible, but it’s not free of technical complications and challenges. It also depends on how the PCB of the device is mounted, how tight the enclosure is, etc. The researcher promised to look into this possibility at a later stage, so we’ll learn about that soon.

The AirTag was released in the market only ten days ago, and it’s already been hacked. We’re not saying that Apple touted it as the most secure device ever, and there’s obviously no way to include a dedicated security chip in it, etc., but this says a lot about the power of determination in hacking.

Also, this forces Apple’s engineers to take remediation steps almost immediately after the product launch. The urgency depends on how useful and dangerous the cracking potential of the small device is going to be, but ignoring the researcher’s findings will be impossible.

REVIEW OVERVIEW

Latest

How to Watch Two Shallow Graves: The McStay Family Murders Online From Anywhere

If you enjoy crime documentaries, we have a recommendation for you as Investigation Discovery has just released a brand-new limited docu-series. It...

How to Watch Beat Shazam Season 5 Online From Anywhere

The game show that will have you on your feet is set to launch a new season pretty soon, and we have...

How to Watch Don’t Forget the Lyrics! Online From Anywhere 

It's summer, so game shows are on! The newest addition to the list comes from Fox, and it's a revival of a...
For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: Chrome, Edge, Firefox, Safari