Someone managed to jailbreak an AirTag already
What you need to know
- Someone has been able to hack an AirTag to give them control over its behavior.
- A hacker has been able to have an AirTag direct users to their own website via Lost Mode.
That didn't take long.
Little more than a week after going on sale, Apple's AirTag item track has already been jailbroken.
First spotted by The 8-Bit. German researcher 'stacksmashing' has been able to hack their way into an AirTag's software, changing how it behaves when put into Lost Mode.
German security researcher and YouTube content creator that goes by the name Stack Smashing tweeted today that they were successful in "breaking into the microcontroller of the AirTag." They were then able to re-flash the microcontroller that enabled them to modify elements of AirTag's software.
With the new software in place the hacked AirTag presents a custom URL when scanned in Lost Mode. Normally, scanning a lost AirTag would redirect users to Apple's website but this particular AirTag doesn't. And that could open the door for all kinds of weird, wonderful, and perhaps dangerous things in the future.
Built a quick demo: AirTag with modified NFC URL 😎— stacksmashing (@ghidraninja) May 8, 2021
(Cables only used for power) pic.twitter.com/DrMIK49Tu0
It isn't clear yet what else, if anything, a jailbroken AirTag could be forced to do or whether Apple could plug this hole via a software update in a similar method to how AirPods receive updates. Tim will tell.
Hacked or not, there are some great accessories around for the new AirTag. We've listed some of the best accessories for AIrTags you can find – doing the research so you don't have to!