Apple’s new AirTags have been hacked — but not in any way that you need to worry about.
German hardware hacker Thomas Roth, aka GhidraNinja, posted on Twitter Saturday (May 8) that he had managed to extract, alter and reload an AirTag’s firmware.
When he put the AirTag in “Lost Mode” and pointed his iPhone at it, the phone’s browser was sent to Roth’s own website instead of Apple’s Find My website.
Built a quick demo: AirTag with modified NFC URL 😎 (Cables only used for power) pic.twitter.com/DrMIK49Tu0 (May 8, 2021)
Later, Roth changed it so that the hacked AirTag Rickrolled him:
Be careful when scanning untrusted AirTags or this might happen to you 😆 pic.twitter.com/LkG5GkvR48 (May 9, 2021)
What are the dangers of this AirTag hack?
There aren’t many.
A criminal could possibly distribute “lost” AirTags that would send the iPhone browsers of random people who come across them to malicious websites, as SlashGear pointed out.
But that wouldn’t deliver much bang for the buck, unless you had a specific high-value person as your target. Roth said he bricked two of the devices before getting it right with the third. Because AirTags cost 35 euros ($42 in U.S. dollars) apiece in Germany, or 119 euros for a pack of four, Roth is already out more than $100.
Would it be possible to hack an AirTag via Bluetooth?
Maybe, but that’s not what Roth did. He broke open an AirTag, removed its circuit board and soldered wires to various points on the board until he got something that worked.
He hasn’t yet given out the details of how he did it, but knowledgeable hardware hackers might be able to get a head start on replicating his results just by looking at the images Roth posted on Twitter.
Yesss!!! After hours of trying (and bricking 2 AirTags) I managed to break into the microcontroller of the AirTag! 🥳🥳🥳 /cc @colinoflynn @LennertWo pic.twitter.com/zGALc2S2Ph (May 8, 2021)
Would it be possible to hack an AirTag so that you could track other people secretly?
You might be able to, especially if you could disable the speaker or modify the firmware so that the AirTag couldn’t emit its warning chirps, which start after the AirTag has been out of range of its paired iPhone for three days.
But frankly, it’s already pretty easy to track other people secretly using an AirTag, especially people who don’t carry up-to-date iPhones.
So what’s the point of hacking an AirTag then?
To be able to say that you’re the first to hack a new device. This really is what motivates many hackers, whether they’re good, bad or otherwise.
And with that it’s time for me to get some sleep 🙂 This was a ton of fun! (Also, can I now claim I was first to “hack” an Apple device?!) (May 8, 2021)