acm-header
Sign In

Communications of the ACM

Home/News/Security Researcher Successfully Jailbreaks Apple.../Full Text
ACM TechNews

Security Researcher Successfully Jailbreaks Apple AirTag

By Ars Technica
May 13, 2021
Comments
View as: Print Mobile App Share:
A dissasembled AirTag.

German security researcher stacksmashing was able to break into the microcontroller of Apple's new AirTag object-location product.

Credit: stacksmashing

German security researcher stacksmashing was able to break into, dump, and reflash the microcontroller of Apple's AirTag object-location product.

As a result, the researcher was able to analyze the dumped firmware to determine how the device functions.

Tapping any Near-Field Communication-enabled smartphone to an AirTag set to Lost Mode generates a notification with a link to found.apple.com so users can contact the owner of the lost object.

stacksmashing was able to reprogram the AirTag to generate a non-Apple URL while in Lost Mode, a vulnerability that an advanced attacker potentially could exploit to get high-value targets to open a custom malware site.

Apple is expected to respond to the first "jailbroken" AirTag with server-side efforts to block nonstandard AirTags from its network.

From Ars Technica
View Full Article

 

Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account