The tracker 'AirTag' that tells you the exact location of genuine Apple lost items is hacked

Apple's lost item tracker ' AirTag ' released on April 21, 2021 was immediately hacked by security researchers.

Security researcher hacks AirTag; modifies NFC URL for Lost Mode
https://the8-bit.com/airtags-hacked-for-first-time/

AirTag hacked for the first time by security researcher [Video] ―― 9to5Mac
https://9to5mac.com/2021/05/09/airtag-hacked-for-the-first-time-by-security-researcher-video/

German security researcher Stack Smashing tweeted that he had successfully hacked an AirTag microcontroller and rewritten the software on board.

According to Smashing said, the trial and error and two AirTag over 2 hours paperweight of After it and succeeded in invading the micro controller that is finally mounted on AirTag. Smashing explains that he succeeded in dumping the firmware and some important areas.

Yesss !!! After hours of trying (and bricking 2 AirTags) I managed to break into the microcontroller of the AirTag! ????????????

/ cc @colinoflynn @LennertWo pic.twitter.com/zGALc2S2Ph

— Stacksmashing (@ghidraninja) May 8, 2021

Normally, when you read the lost AirTag in the NFC area of your smartphone, you will see the dedicated URL 'found.apple.com'. However, Mr. Smashing succeeded in displaying his own URL on the hacked AirTag. If a malicious attacker like Smashing hacks AirTag, it will be possible to display URLs such as phishing sites.

Built a quick demo: AirTag with modified NFC URL ????

(Cables only used for power) pic.twitter.com/DrMIK49Tu0

— Stacksmashing (@ghidraninja) May 8, 2021

Mr. Smashing only changed the URL to his own in this hack, but it is also pointed out that it is possible to change other functions because he is hacking the microcontroller that is the brain part of AirTag.