Apple’s AirTag was introduced and launched not too way back, however evidently lower than a month since its official unveiling, the gadget has already been hacked. Now the excellent news is that this hack comes from IT safety researcher stacksmashing on Twitter, which means it’s extra about displaying off the chance fairly than doing it for malicious functions.
Within the hack, what the researcher did was he managed to reverse engineer the microcontroller within the AirTag, though evidently it wasn’t as simple as he had imagined as he really bricked two AirTags within the course of. Nonetheless, as soon as he did entry the microcontroller, he reflashed it and made adjustments to how the gadget functioned.
Yesss!!! After hours of making an attempt (and bricking 2 AirTags) I managed to interrupt into the microcontroller of the AirTag! 🥳🥳🥳
/cc @colinoflynn @LennertWo pic.twitter.com/zGALc2S2Ph
— stacksmashing (@ghidraninja) Could eight, 2021
Principally what he did was he modified the URL on the AirTag to a distinct one. For these questioning, when an AirTag has been put into misplaced mode, each time an NFC-enabled gadget like an iPhone or an Android telephone is put near the AirTag, they’ll get a immediate that can open their browser and redirect them to Apple’s web site the place they will get in contact with the proprietor.
Nonetheless, by modifying the URL, it implies that somebody might purposely depart “misplaced” AirTags mendacity round for individuals to choose up, and once they try to launch the web site, they could possibly be redirected malicious content material as a substitute. It’s unclear how Apple plans to answer this problem nevertheless it feels like one thing that undoubtedly must be addressed.
Filed in. Learn extra about Airtags, Hack, Privateness and Safety.