Sooner or later it had to happen. Hackers only needed 10 days to access Apple’s AirTag and use it to do things as dangerous as phishing.
One of the tech trends we’re seeing this year are location beacons. They are nothing new, as they have been around for years, but everything becomes trendy when used by companies like Apple or Samsung.
Apple released its location tag AirTag just 10 days ago, and has already been hacked. These are devices that do no favor with security experts, as they are used to track people and therefore violate privacy. Apple itself states on its website that they are not used to place them on children or pets.
Electronics AirTag, about the size of a soda plate, they are placed on the key fob so as not to lose the keys, for example, as they can be located within a range of about 15 meters using Bluetooth 5, and anywhere in the world with the help of other users and the Apple network. They are also used with suitcases, valuables, and ultimately anything you want to locate if lost.
If, for example, your suitcase is stolen or lost and you’ve placed an AirTag inside, when someone with an iPhone or iPad walks by, communicate with AirTag anonymously via Bluetooth and he will send a locate notice to the owner of the suitcase.
Also if someone connects to AirTag via mobile by NFC, shows you a way to communicate with the owner of the suitcase, to return it.
German security expert whose Twitter name is Stack Smashing says hacked the AirTag, and he demonstrates it in this video:
This hacker has take control of the AirTag microcontroller, allowing you to do really dangerous things, like change the web page that AirTag displays to the person who connects by NFC to try to return the object to its owner.
Instead of viewing the page with Apple’s contact information, you can use any other website. This is used for phishing i.e. to impersonate Apple and redirect the user to a malicious website where they could ask for their password or something else.
Apple tracking device that allows you to locate your items through the Search app on your iPhone or iPad via Bluetooth. If you have an iPhone 11 or iPhone 12, use ultra-wideband technology to locate with centimeter accuracy.
Fortunately AirTag hacked This is the job of a security expert and not a cybercriminal, so has already put all the information in Apple’s hands to fix it. It is possible that Apple has already taken this possible hack into account and is blocking any manipulated website like the one the hacker modified.
But it’s always good news that potential security vulnerabilities are discovered and companies are looking to fix them.
–
