Apple’s latest gadget, the AirTag, has been hacked for the first time within two weeks of its launch in April 2021. A security researcher has been able to hack the accessory by modifying its NFC URL for Lost Mode.
The security researcher, Stack Smashing tweeted that he had been able to break into the microcontroller of the AirTag. Once he had broken in, he had modified elements of the item tracker software. This gives complete access to the hacker, and he can decide to do what he wants with it.
In the below video, we can see the difference in activity between a hacked AirTag and an un-hacked one. The regular AirTag opens the Find My website, whereas the hacked one opens a completely different URL. This can be used for phishing attacks.
What does the AirTag do?
The small circular AirTag can be attached to items like keys and wallets to allow these accessories to be tracked using Bluetooth right alongside Apple devices in the Find My app. The prices are modest compared to other Apple products. A single AirTag costs $29, and a pack of four cost $99.
How was AirTag hacked?
The below video gives a detailed walkthrough of how the security researcher hacked the AirTag.
Till now, Apple has neither commented on this nor issued a fix for it.