AirTag Successfully Hacked to Show Custom URL in Lost Mode

by

The inevitable race to hack Apple's AirTag item tracker has reportedly been won by a German security researcher, who managed to break into the device's microcontroller and successfully modify its firmware.


Thomas Roth, aka Stack Smashing, shared his achievement in a tweet and explained that re-flashing the device's microcontroller had enabled him to change the URL for Lost Mode, so that it opens his personal website on a nearby iPhone or other NFC-enabled device instead of directly linking to an official Find My web address.

Managing to break into the microcontroller is a crucial hurdle to overcome to if the aim is to further manipulate the device's hardware. As The 8-Bit notes:

A microcontroller is an integrated circuit (IC) used for controlling devices usually via a microprocessing unit, memory, and other peripherals. According to AllAboutCircuits, "these devices are optimized for embedded applications that require both processing functionality and agile, responsive interaction with digital, analog, or electromechanical components."

Roth also shared a video comparing a normal ‌AirTag‌ to his modified device.


How the hack might be exploited in the wild is unclear at this time, but the fact that it can be done may open up avenues for the jailbreaking community to customize the device in ways Apple didn't intend. On a darker note, it could also present opportunities for bad actors to modify the ‌AirTag‌ software for the purposes of phishing and more.

That's assuming Apple isn't able to remotely block such a modified ‌AirTag‌ from communicating with the ‌Find My‌ network. Alternately, Apple might be able to lock down the firmware in a future ‌AirTag‌ software update. Watch this space.

Related Roundup: AirTag

Popular Stories

Apple Logo Zoomed

Tim Cook Teases Plans for Apple's Upcoming 50th Anniversary

Thursday February 5, 2026 12:54 pm PST by
Apple turns 50 this year, and its CEO Tim Cook has promised to celebrate the milestone. The big day falls on April 1, 2026. "I've been unusually reflective lately about Apple because we have been working on what do we do to mark this moment," Cook told employees today, according to Bloomberg's Mark Gurman. "When you really stop and pause and think about the last 50 years, it makes your heart ...
Read Full Article148 comments
iOS 26

iOS 26.3 and iOS 26.4 Will Add These New Features to Your iPhone

Tuesday February 3, 2026 7:47 am PST by
While the iOS 26.3 Release Candidate is now available ahead of a public release, the first iOS 26.4 beta is likely still at least a week away. Following beta testing, iOS 26.4 will likely be released to the general public in March or April. Below, we have recapped known or rumored iOS 26.3 and iOS 26.4 features so far. iOS 26.3 iPhone to Android Transfer Tool iOS 26.3 makes it easier...
Read Full Article37 comments
imac video apple feature

Apple Makes Its Second-Biggest Acquisition Ever

Tuesday February 3, 2026 12:45 pm PST by
Apple recently acquired Israeli startup Q.ai for close to $2 billion, according to Financial Times sources. That would make this Apple's second-biggest acquisition ever, after it paid $3 billion for the popular headphone maker Beats in 2014. This is also the largest known Apple acquisition since the company purchased Intel's smartphone modem business and patents for $1 billion in 2019....
Read Full Article
wwdc sans text feature

Apple Rumored to Announce New Product on February 19

Thursday February 5, 2026 12:22 pm PST by
Apple plans to announce the iPhone 17e on Thursday, February 19, according to Macwelt, the German equivalent of Macworld. The report, citing industry sources, is available in English on Macworld. Apple announced the iPhone 16e on Wednesday, February 19 last year, so the iPhone 17e would be unveiled exactly one year later if this rumor is accurate. It is quite uncommon for Apple to unveil...
Read Full Article
Finder Siri Feature

Why Apple's iOS 26.4 Siri Upgrade Will Be Bigger Than Originally Promised

Friday February 6, 2026 3:06 pm PST by
In the iOS 26.4 update that's coming this spring, Apple will introduce a new version of Siri that's going to overhaul how we interact with the personal assistant and what it's able to do. The iOS 26.4 version of Siri won't work like ChatGPT or Claude, but it will rely on large language models (LLMs) and has been updated from the ground up. Upgraded Architecture The next-generation...
Read Full Article152 comments

Top Rated Comments

krewger Avatar
krewger
62 months ago
So…. It’s been hacked to be a customizable nfc tag. Looks like a lot of trouble to go through. I could also just put new nfc tags inside the AirTag’s case and accomplish the same thing. Security on your personal device is already in place - the link is displayed on the phone asking if you want to open it first before visiting the URL. https://electronics.howstuffworks.com/nfc-tag.htm
Score: 21 Votes (Like | Disagree)
Puonti Avatar
Puonti
62 months ago

The AirTag does not carry other data than its own position.
I don't believe this is accurate. As I understand it:

An AirTag does not know where it is. All it does for location tracking is transmit radio waves. Devices that do know where they are can detect the AirTag, and then tell the FindMy network "I am at this location, and hey there's an AirTag here".
Score: 18 Votes (Like | Disagree)
Jumpinbeans Avatar
Jumpinbeans
62 months ago
Basically if you find an airtag and don't know why its there or who it belongs to and its not worth scanning as it may be compromised - smash it :)
Score: 17 Votes (Like | Disagree)
szw-mapple fan Avatar
szw-mapple fan
62 months ago

So if you lose your AirTag and then find it after one day for example, you cannot trust it anymore? Or if you find someones AirTag should you be also wary of placing it near your own phone? This gets interesting.
This won't apply to the vast vast majority of users. It's a security exercise that's just to prove it's possible. People who needs to be worried about this type of exploits won't be using any trackers of this type anyways.
Score: 14 Votes (Like | Disagree)
Unregistered 4U Avatar
Unregistered 4U
62 months ago
Next up from security researchers
“SWALLOWING AIRTAGS COULD COMPROMISE YOUR DIGESTIVE SYSTEM… WHAT YOU NEED TO KNOW”
or
“if you glue your house key to your airtag and then lose it, AIRTAGS COULD ALLOW SOMEONE ENTRY INTO YOUR HOUSE!”
Score: 11 Votes (Like | Disagree)
tomekwsrod Avatar
tomekwsrod
62 months ago
So if you lose your AirTag and then find it after one day for example, you cannot trust it anymore? Or if you find someones AirTag should you be also wary of placing it near your own phone? This gets interesting.
Score: 9 Votes (Like | Disagree)
Read All Comments