Security Researcher Breaks into the Microcontroller of Apple AirTag and Modifies Firmware for Phishing Attacks

Published  May 12, 2021   0
S Staff
Author
Apple AirTag Microcontroller

It has just been a little more than 10 days since the tech giant Apple has announced the launch of its new tracking device “AirTag” and today, the device has been hacked by a group of security researchers. For those who don’t know, Airtag is an IoT-based product tracking device that can be used to track products and personal stuff like keys, wallets, etc. The AirTag can be attached to a product and paired with the owner's iPhone. If the person misplaces the product and loses their AirTag, it would send its location to any nearby stranger’s iOS device via Bluetooth Low Energy (BLE) and then reach the owner's iPhone using the internet. While this leverages the large iPhone Network to Apple users' benefit, it has already raised security concerns.

The AirTag being a coin-shaped device is powered by a Panasonic CR2032 3V Coin cell and uses BLE and Ultra-Wide Band signals to communicate with your iPhone. The brain behind this tracking device is Apple’s U1 chip, along with a nRF52 Microcontroller for wireless communications. Today, security researchers have managed to break into this microcontroller and re-flash its firmware with some tweaks to compromise its security.  

The news broke out on the stack smashing twitter thread which belongs to a German security researcher called Thomas Roth. Thomas has managed to hack into the microcontroller of AirTag using reverse engineering and was able to modify the default NFC link with a custom link of his choice by re-flashing the firmware on the nRF52 microcontroller.

Normally, when a person scans the AirTag using NFC, it should display the owner’s information from found.apple.com, but the modified AirTag from Thomas can be programmed to open any link of our choice. You can also check out the demo video, which is on Twitter that compares a normal Airtag with a rigged one. This loophole could possibly be used by a potential hacker in phishing attacks and other cyberattacks to lure people into malicious websites.  

The news should possibly come as a bad surprise for Apple who is already being criticized for privacy and security problem with their AirTags. It is still not clear how Apple would respond to this problem, but most likely the apple network is expected to make server-side modifications to block all non-standard AirTags from its network.