Several security issues have been found in the Apple AirTags. In less than two weeks after its release, users have transformed the AirTag into the ultimate spy gadget. Some experts have even cracked open the AirTag firmware and completely change its purpose.
AirTag is Apple's newest device accessory. It is a tracking device that features Precision Finding, a system that accurately reports its distance down to the last few inches. The AirTag is complementary to Apple's pre-existing "Find My" network, which helps Apple devices monitor each other so users can track their missing devices. However, it is essential to note that the system only exists in the Apple network and ecosystem.
Apple AirTag Firmware Security Hack
Tech Radar reported about Colin O'Flynn, a hardware researcher who managed to "jailbreak the AirTag" and configure it to sending malicious URLs to an iPhone. First, Colin broke down the hardware components of the AirTag. Later, he started identifying the AirTag's U1 chip and nRF firmware. He posted his finding through his Twitter account.
YouTuber stacksmashing continued hacking and posted his experiment in a YouTube video. He was quoted claiming to successfully "dump the firmware of the newly released Apple AirTags." After re-writing the code, he modified the AirTag firmware. The final product showed that if an iPhone scans his AirTag, the iPhone will receive a URL notification link to the website of the hacker's choice.
Apple Device Can Be Used for Malicious Intents
Earlier this week, Fabian Braulein also posted about another potential risk with Apple AirTag. Using the "Find My" network feature, the AirTag was used as a stalking device to pinpoint the target's location accurately. After a week of the device being planted, his friend whom he asked to stalk him gained access to his personal address and monitored his movements throughout San Francisco Bay.
AirTag Security Risk Discovered
Apple AirTag was also featured as a wallet-sized card by Andrew Ngai. He did so by following some steps on the internet to break down the AirTag case and recalibrate it to a new 3D printed mold.
All this information could be easily found online. Anybody who has a little bit of experience in hardware tweaking and basic programming could easily do the same. Unfortunately, Apple's AirTag proves that it has too few security features, both on its hardware and software integration.
AirTags remains a handy and efficient tool for many Apple users. Its system also seamlessly integrates with the pre-existing Apple systems, helping users adapt quickly. It also does a great job in tracking and monitoring your lost devices.
However, AirTag remains a significant security risk. For people who have malicious intentions, AirTags could easily be exploited and used for other motives. It is easy to hack and reprogram. Unfortunately, being part of the Apple ecosystem means that AirTag could threaten any and all other Apple devices.