{"id":246208,"date":"2021-05-10T12:56:36","date_gmt":"2021-05-10T09:56:36","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/brain-genius-hacks-an-apple-airtag-but-dont-panic\/"},"modified":"2021-05-10T12:56:36","modified_gmt":"2021-05-10T09:56:36","slug":"brain-genius-hacks-an-apple-airtag-but-dont-panic","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/brain-genius-hacks-an-apple-airtag-but-dont-panic\/","title":{"rendered":"#Brain genius hacks an Apple AirTag\u2026 but don\u2019t panic"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a24d4c737c74\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a24d4c737c74\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/brain-genius-hacks-an-apple-airtag-but-dont-panic\/#Should_we_be_worried_that_someone_hacked_an_AirTag\" >Should we be worried that someone hacked an AirTag?<\/a><\/li><\/ul><\/nav><\/div>\n<p>&#8220;<strong>#Brain genius hacks an <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">App<\/a>le AirTag\u2026 but don\u2019t panic<\/strong>&#8221;<br \/>\n<img decoding=\"async\" src=\"https:\/\/img-cdn.tnwcdn.com\/image?fit=796%2C417&amp;url=https%3A%2F%2Fcdn0.tnwcdn.com%2Fwp-content%2Fblogs.dir%2F1%2Ffiles%2F2021%2F05%2Fheader-image-hacked-Apple-AirTag.png&amp;signature=83b4a8a6a3f286a476109cded7dc2f5a\" \/><\/p>\n<div>When I hear something\u2019s been hacked, it conjures images of Le Carr\u00e9-style spies and national security leaks, but this isn\u2019t always the case. Sometimes, it\u2019s just a brain genius hacking an Apple AirTag.<\/p>\n<p>Over the weekend, <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">Twitter<\/a> user Stacksmashing <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/ghidraninja\/status\/1391148503196438529\">managed to break into Apple\u2019s tracking device<\/a>. They also managed to <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/ghidraninja\/status\/1391152035693793280\">dump the firmware<\/a> of Apple\u2019s new device (although this hasn\u2019t been made public).<\/p>\n<p>Feast your eyes on this:<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">Yesss!!! After hours of trying (and bricking 2 AirTags) I managed to break into the microcontroller of the AirTag! \ud83e\udd73\ud83e\udd73\ud83e\udd73<\/p>\n<p>\/cc <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/colinoflynn?ref_src=twsrc%5Etfw\">@colinoflynn<\/a><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/LennertWo?ref_src=twsrc%5Etfw\">@LennertWo<\/a><a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/zGALc2S2Ph\">pic.twitter.com\/zGALc2S2Ph<\/a><\/p>\n<p>\u2014 stacksmashing (@ghidraninja) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/ghidraninja\/status\/1391148503196438529?ref_src=twsrc%5Etfw\">May 8, 2021<\/a><\/p>\n<\/blockquote>\n<p>We can all agree on one thing: this is cool. Apple is renowned for the strong security of its devices, so actually hacking an AirTag is a fantastic achievement. But there\u2019s a bigger question to answer\u2026<\/p>\n<h2><span class=\"ez-toc-section\" id=\"Should_we_be_worried_that_someone_hacked_an_AirTag\"><\/span>Should we be worried that someone hacked an AirTag?<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p>Let\u2019s try and break this down logically. First, we need to find out exactly what\u00a0Stacksmashing managed to achieve. From a user perspective, the most notable element is they managed to <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/ghidraninja\/status\/1391148503196438529\">alter the NFC URL<\/a>.<\/p>\n<p>Effectively, when you tap an AirTag with your phone, it normally directs you to Apple\u2019s Find My service.\u00a0Stacksmashing managed to alter this so it opened a website of their choice. Like this:<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">Be careful when scanning untrusted AirTags or this might happen to you\ud83d\ude06 <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/LkG5GkvR48\">pic.twitter.com\/LkG5GkvR48<\/a><\/p>\n<p>\u2014 stacksmashing (@ghidraninja) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/ghidraninja\/status\/1391336535929368576?ref_src=twsrc%5Etfw\">May 9, 2021<\/a><\/p>\n<\/blockquote>\n<div class=\"c-message_kit__gutter\">\n<div class=\"c-message_kit__gutter__right\" data-qa=\"message_content\">\n<div class=\"c-message_kit__blocks c-message_kit__blocks--rich_text\">\n<div class=\"c-message__message_blocks c-message__message_blocks--rich_text\">\n<div class=\"p-block_kit_renderer\" data-qa=\"block-kit-renderer\">\n<div class=\"p-block_kit_renderer__block_wrapper p-block_kit_renderer__block_wrapper--first\">\n<div class=\"p-rich_text_block\" dir=\"auto\">\n<p>Obviously this could be used to redirect someone towards a malicious website, but this hacked AirTag opens up another question: can it be used for\u00a0<i data-stringify-type=\"italic\">even more<\/i>\u00a0nefarious purposes?<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<p>A point raised in <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/lyndsaygirton\/status\/1391286831166152715\">the Twitter thread<\/a> is whether or not this hacked or jailbroken AirTag could be used for tracking and recording. Effectively, someone could disable anti-stalking measures and follow you. It\u2019s also broadly possible to use the accelerometer inside the hardware to record audio. In other words, an AirTag\u00a0<em>could<\/em> become a spying device.<\/p>\n<p>So\u2026 should you be worried?<\/p>\n<p>Not really. At least not yet. In order to hack the AirTag, Stacksmashing had to take it apart, whip out the soldering iron, and power it externally. In other words, if someone\u2019s going to do this with an AirTag you own, it\u2019s gonna take a lot of time and access.<\/p>\n<p>If someone really wants to spy on you, there are far easier ways to do than this. An AirTag being hacked isn\u2019t going to impact you currently.<\/p>\n<p>Really, we should be pleased that someone\u2019s managed this feat. Apple is bound to take note of this and, hopefully, will take further steps to ensure that these devices can\u2019t be easily used to erode someone\u2019s privacy.<\/p>\n<p>Still, massive respect to\u00a0Stacksmashing. This is cool as fuck.<\/p>\n<p><i>Did you know we have a <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">news<\/a>letter all about consumer tech? It\u2019s called Plugged In \u2013<br \/>\n            <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/share.hsforms.com\/1tNyJLC_3RjuVWih9ygK_6A47gef\">and you can subscribe to it right here<\/a>.<br \/>\n            <\/i><\/p>\n<\/div>\n<p><script async src=\"\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more like this article, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/technology\/\" target=\"_blank\" rel=\"noopener\">Technology category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/thenextweb.com\/news\/genius-hacked-hacks-apple-airtag-security-analysis\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;#Brain genius hacks an Apple AirTag\u2026 but don\u2019t panic&#8221; When I hear something\u2019s been hacked, it conjures images of Le Carr\u00e9-style spies and national security leaks, but this isn\u2019t always the case. Sometimes, it\u2019s just a brain genius hacking an Apple AirTag. Over the weekend, Twitter user Stacksmashing managed to break into Apple\u2019s tracking device&#8230;.<\/p>\n","protected":false},"author":1,"featured_media":246209,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/img-cdn.tnwcdn.com\/image\/plugged?filter_last=1&fit=1280,640&url=https:\/\/cdn0.tnwcdn.com\/wp-content\/blogs.dir\/1\/files\/2021\/05\/header-image-hacked-Apple-AirTag.png&signature=307ac2255e535d32100e2ce8fcf6f3df","fifu_image_alt":"","footnotes":""},"categories":[18],"tags":[],"class_list":["post-246208","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/246208","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=246208"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/246208\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/246209"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=246208"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=246208"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=246208"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}