Apple AirTag Can Be Hacked, But It's Not as Bad as It Sounds

Slashgear reports that a security researcher was able to reprogram one of Apple's new AirTags, "but the process and the end result might not yet be worth the worry."Like any electronic device, especially "smart" ones, the Apple AirTag has a microcontroller that orchestrates its activities... In a nutshell, Stack Smashing "hacked" the AirTag microcontroller to modify its firmware and make it do something other than what it is designed to. That, at least for now, meant linking to a different URL when an NFC-enabled phone "taps" the tracker. Normally, it would link to found.apple.com in order to initiate the Lost Mode process. This hack could be used to make phones go to some nefarious website but getting to that point might not exactly be straightforward. The security researcher hasn't disclosed yet the process but he admits bricking at least two AirTags to get there. Unless the tracker's firmware can be modified remotely over the air, the only way you'll get a hacked AirTag would be if you acquired it through other parties. This AirTag hack might actually be less worrying than the debug menu that Apple may have accidentally left enabled before shipping the trackers. Fortunately, that might be something that is easily fixed with a firmware update...

Read more of this story at Slashdot.