German security researcher stacksmashing was able to break into, dump, and reflash the microcontroller of Apple's AirTag object-location product.
As a result, the researcher was able to analyze the dumped firmware to determine how the device functions.
Tapping any Near-Field Communication-enabled smartphone to an AirTag set to Lost Mode generates a notification with a link to found.apple.com so users can contact the owner of the lost object.
stacksmashing was able to reprogram the AirTag to generate a non-Apple URL while in Lost Mode, a vulnerability that an advanced attacker potentially could exploit to get high-value targets to open a custom malware site.
Apple is expected to respond to the first "jailbroken" AirTag with server-side efforts to block nonstandard AirTags from its network.
From Ars Technica
View Full Article
Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA