Apple AirTag Hacked, Says Security Researcher Who Found Loopholes to Modify Firmware

German security researcher Thomas Roth who goes by the name “stacksmashing” on Twitter has been able to “break into” the microcontroller of the AirTag.

Advertisement
By Jagmeet Singh | Updated: 10 May 2021 11:45 IST
Highlights
  • Apple AirTag has been hacked by Thomas Roth
  • The researcher posted details about the hack on Twitter
  • Apple AirTag’s Lost Mode could be tweaked once it’s hacked
Apple AirTag Hacked, Says Security Researcher Who Found Loopholes to Modify Firmware

Apple AirTag is claimed to be designed with privacy and security at its core

Photo Credit: Apple

Apple AirTag, the Bluetooth tracker that was unveiled last month to let people find their lost items, is claimed to have some security loopholes that could allow hackers to modify its firmware. A security researcher has demonstrated the loopholes by hacking the AirTag using reverse engineering. The researcher claimed on Twitter that he was able to modify the default NFC link available through the tracker by reflashing its microcontroller. This appears to be the first successful “jailbreak” attempt on the AirTag, which Apple claims to be designed with privacy and security at its core.

German security researcher Thomas Roth who goes by the name “stacksmashing” on social media tweeted on Sunday that he was able to successfully hack the Apple AirTag by “breaking into” its microcontroller. He claimed that after gaining access to the microcontroller, he reprogrammed the AirTag and modified its firmware.

The changes made by the security researcher allowed him to tweak the functionality of the AirTag and put a custom NFC link when it is in the Lost Mode, as shown in a video posted on Twitter.

 

Normally, when the AirTag is in the Lost Mode, it shows a notification when scanned by an NFC-capable smartphone, such as an iPhone or an Android smartphone, with a link to the found.apple.com website (part of the Find My network) to display information about the owner.

Advertisement

The hackers could be able to leverage the loopholes showcased on Twitter to target those who found the lost AirTag to malicious websites, instead of displaying information about the user. However, Roth did mention in his tweets that it took hours for him to bring modifications. He also said that he bricked a couple of AirTags before reaching success.

Apple claimed privacy and security as the core features of the AirTag at the time of its official announcement last month. However, the tweets posted by Roth suggest that the Cupertino company may need to bring an update to block firmware-level modification.

Advertisement

Gadgets 360 has reached out to Apple for a comment and will update this space when the company responds.


We dive into all things Apple — iPad Pro, iMac, Apple TV 4K, and AirTag — this week on Orbital, the Gadgets 360 podcast. Orbital is available on Apple Podcasts, Google Podcasts, Spotify, and wherever you get your podcasts.
Affiliate links may be automatically generated - see our ethics statement for details.
 

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Apple AirTag, AirTag, Apple
Advertisement

Related Stories

Popular Mobile Brands
  1. Apple's M4 Mac Mini Price in India Drops to Rs. 49,999 With These Discounts
  2. Poco F7 Design Spotted in Leaked Renders; Battery Specifications Revealed
  1. OnePlus Pad Lite Design and Key Specifications Leaked, Could Launch Soon
  2. Samsung's Upcoming Running Events Reportedly Hint at Galaxy Z Fold 7, Flip 7 and Watch 8 Series Launch Timeline
  3. Poco F7 Design Spotted in Leaked Renders; Battery Specifications Revealed via Flipkart
  4. Neuralink Device Helps Monkey See Something That’s Not There
  5. Apple's Mac Mini With M4 Chip Price in India Drops to Rs. 49,999 With Discounts on Amazon
  6. Samsung Galaxy M36, Galaxy F36 Spotted on Google Play Console; Galaxy M36 Launch Reportedly Teased via Amazon
  7. Google, Scale AI's Largest Customer, Said to Plan Split After Meta Deal
  8. SpaceX Launches 26 New Starlink Satellites, Expands Global Internet Network
  9. Aurora Alert! Northern Lights May Be Visible as Far South as New York on June 14
  10. New Island Forms in Caspian Sea as Water Levels Drop, Russian Scientists Confirm
Gadgets 360 is available in
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2025. All rights reserved.