Apple's Airtag could be hacked and its software changed, as a security researcher who explored the microcontroller discovered, found that several elements can be reprogrammed to change their specific functions.
German security researcher "Stack Smashing" posted on Twitter that he was able to "open the microcontroller" of the AirTag.
After a few hours and destroying multiple Airtags in the process, the researcher was able to download the firmware and eventually found that the microcontroller could be reprogrammed, altering its programming to change its operation.
An initial demo showed an AirTag with a modified NFC URL which, when scanned with an iPhone, showed a custom URL instead of the expected link to “found.apple.com”.
Be careful when scanning for untrusted AirTags or this could happen to you pic.twitter.com/LkG5GkvR48
– stacksmashing (@ghidraninja) 9 maggio 2021
Although in the early stages, research shows that a lot of knowledge and effort is required to modify an AirTag. During the demonstration video, the modified AirTag is shown connected by cables, said to power the device.
It is possible that similar techniques could be applied for malicious purposes, although it is currently unclear how far this will go.
Since its launch, a hidden debugging mode has been found in AirTags, which gives developers much more information they would need about the device hardware.
