AirTag Hack Shows How Scammers Can Use The Device For Phishing Attacks

AirTag has only been out for just 10 days but we have seen multiple attempts by hackers and enthusiasts who want to modify the device one way or another.

The latest AirTag hack comes from German security researcher Stack Smashing. In this particular hack the hacker was able to break into the microcontroller of the AirTag and successfully modify elements of the item tracker’s software. This hack is essentially a ‘jailbreak’ for the AirTag.

In this hack Stack Smashing demonstrated to us that it is possible to change the NFC URL of a AirTag. This is the URL that opens when a iPhone or Android device is brought near to the AirTag. Apple has designed a special page on the Find My website that lets the finder of an AirTag see who that AirTag belongs to and contact them.

Once this NFC URL had been modified on the AirTag, the device opens a custom URL added by the hacker when an iPhone or Android device is brought near to it instead of loading up Apple’s official Find My website. This can be seen in the video accompanying Stack Smashing’s tweet. As you can see the video shows a normal AirTag and a modified AirTag with a custom URL.

With this hack we can see that after an AirTag has been hacked an attacker could attempt a phishing attack on a user who finds a ‘lost’ AirTag modified by a hacker and scans it with his or her device. After scanning user would assume the website that has opened is Apple’s website, however an attacker could design a similar website and add it as NFC URL for AirTag, and potentially steal that user’s information without their knowledge.

We have yet to see how Apple’s responds to this hack and whether it is able to block hacked AirTags from accessing the Find My network.

More About AirTag:


Total
1
Shares
Related Posts