Apple AirTag hacked and reprogrammed by security researcher

A security researcher has found that Apple’s AirTag can be hacked and its software reprogrammed to modify specific functions of the device.

Modified AirTag (image: Stack Smashing)
Modified AirTag (image: Stack Smashing)

AirTags help keep track of and find items via Apple’s Find My app. Whether attached to a handbag, keys, backpack, or other items, AirTag taps into the vast, global Find My network and can help locate a lost item, all while keeping location data private and anonymous with end-to-end encryption.

Taha Broach for The 8-bit:

German security researcher and YouTube content creator that goes by the name Stack Smashing tweeted [Sunday] that they were successful in “breaking into the microcontroller of the AirTag.” They were then able to re-flash the microcontroller that enabled them to modify elements of AirTag’s software.

In this case, the security researcher Stack Smashing quickly demonstrated one of the things they could do with their “Modified AirTag.” They tweaked the URL that appears within a notification when an AirTag enabled in Lost Mode is tapped on by an NFC-enabled device (which includes smartphones other than iPhones) to promote their own website. Usually, the AirTag will redirect to a “found.apple.com” website for displaying Lost Mode information related to the owner.

MacDailyNews Take: Everything can be hacked. Since Apple’s secure Find My network is required for AirTag’ s Lost Mode functionality, Apple could employ a server-side defense against modified AirTag units.

2 Comments

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.