AirTag Hack replaces URL for lost mode

Launched in April during the Spring Loaded event, Apple’s AirTag is drawing the attention of modders and security researchers. We recently saw how a YouTuber turned an AirTag into a wallet tracker and now a security researcher has put AirTag’s security to the test.

AirTag hacked?

First reported by 8 bits, a German security researcher and a stacksmashing YouTuber took to Twitter to share how they got into the AirTag microcontroller. After that they managed to change url when AirTag is in lost mode – the feature that allows you to mark your AirTag as lost.

Under normal circumstances, AirTag will direct users to “” when it comes close to an NFC-enabled smartphone. However, with the modified AirTag from stacksmashing, the tracker takes users to a modified URL. Take a look at the demo video below:

stacksmashing also demonstrated harmless rickrolling with the modified AirTag:

So, does that mean you should be concerned as an AirTag owner? Not really, at least for the moment. Although this is technically the first jailbroken AirTag, it requires physical access to the tracker. The process is not straightforward and stacksmashing says they bricked two AirTags during this project. However, this opens up many possibilities for hackers to reuse the AirTag for phishing attacks if you scan a modified AirTag.

It won’t be surprising that Apple will succeed in blocking these AirTags out of the Find My network for the foreseeable future. The Cupertino giant could also soon deploy a software update to lock the firmware in order to avoid these possibilities. Meanwhile, AirTag owners have also found a way to access Apple AirTag’s hidden developer mode.

Comments are closed.