A New AirTags Hack Results in a Malicious Web site As a substitute of the Return to Proprietor Web page – Evaluate Geek

Posted on

Apple AirTag Key Ring attached to car keys
Justin Duino

Apple AirTags arrived with a lot fanfare (and a few trepidation). We’ve already seen teardowns, drill hacks, and even hide-and-seek video games. However now a safety researched proved it’s attainable to hack an AirTag and alter it to show {custom} websites when telephones can its NFC tag.

That bit may not seem to be a giant deal, but it surely’s vital to recollect how AirTags work whenever you don’t have an iPhone. If you happen to occur upon an AirTag and also you’re an Android person, you’ll be able to faucet it with NFC to open Apple’s return web page. Hopefully, as a Good Samaritan, you’ll help in returning the machine.

However with a custom-loaded website, a foul actor might theoretically trick a well-meaning individual into scanning a tag and opening a malicious website. That might result in devastating outcomes, particularly if the cellphone in query isn’t totally updated.

As spotted by The 8-Bit, safety analysis “stacksmashing” posted the proof of idea on Twitter. He managed to interrupt into the AirTag’s microcontroller, and reflash the machine to vary its NFC web site info.

Now the present proof of ideas are hardly finish of world demonstrations. AirTags are onerous to get ahold of in the intervening time, they usually’re not tremendous low cost. It’s numerous effort and cash to spend, solely to take the prospect that somebody wouldn’t simply pocket the machine, or use NFC faucet to entry the positioning. But it surely’s nonetheless worrying nonetheless, and may make you assume twice about scanning that errant AirTag you discovered on the road. Which doesn’t assist Apple’s promise to retrieve your lacking AirTag in the long term.

via The 8-Bit

Source link

Gravatar Image
I love to share everything with you

Leave a Reply

Your email address will not be published. Required fields are marked *