AirTag Successfully Hacked to Show Custom URL in Lost Mode

by

The inevitable race to hack Apple's AirTag item tracker has reportedly been won by a German security researcher, who managed to break into the device's microcontroller and successfully modify its firmware.


Thomas Roth, aka Stack Smashing, shared his achievement in a tweet and explained that re-flashing the device's microcontroller had enabled him to change the URL for Lost Mode, so that it opens his personal website on a nearby iPhone or other NFC-enabled device instead of directly linking to an official Find My web address.

Managing to break into the microcontroller is a crucial hurdle to overcome to if the aim is to further manipulate the device's hardware. As The 8-Bit notes:

A microcontroller is an integrated circuit (IC) used for controlling devices usually via a microprocessing unit, memory, and other peripherals. According to AllAboutCircuits, "these devices are optimized for embedded applications that require both processing functionality and agile, responsive interaction with digital, analog, or electromechanical components."

Roth also shared a video comparing a normal ‌AirTag‌ to his modified device.


How the hack might be exploited in the wild is unclear at this time, but the fact that it can be done may open up avenues for the jailbreaking community to customize the device in ways Apple didn't intend. On a darker note, it could also present opportunities for bad actors to modify the ‌AirTag‌ software for the purposes of phishing and more.

That's assuming Apple isn't able to remotely block such a modified ‌AirTag‌ from communicating with the ‌Find My‌ network. Alternately, Apple might be able to lock down the firmware in a future ‌AirTag‌ software update. Watch this space.

Tag: AirTag Guide

Popular Stories

iPhone 16 Battery Life Feature

iOS 26's New Battery Life Mode is Limited to These iPhone Models

Friday August 1, 2025 8:26 am PDT by
iOS 26 introduces an Adaptive Power Mode on the iPhone, alongside the existing Low Power Mode. Apple says that Adaptive Power Mode can make "small performance adjustments" when necessary to extend an iPhone's battery life, including slightly lowering the display brightness or allowing some activities to "take a little longer." The full description of Adaptive Power Mode, from the iOS 26...
Read Full Article
iphone 16 pro models 1

iPhone 17 Pro Max Rumored to Have 3 Advantages Over iPhone 17 Pro

Thursday July 31, 2025 3:00 am PDT by
Apple's highest-end iPhone 17 Pro Max model may have three key advantages over the smaller iPhone 17 Pro model, according to rumors. Specifically, the iPhone 17 Pro Max is expected to have…A larger 6.9-inch display (vs. 6.3-inch display on the iPhone 17 Pro) Even longer battery life (an approximately 5% thicker design may allow for a 5,000 mAh or higher battery capacity) A smaller Dynamic...
Read Full Article67 comments
maxresdefault

iPhone 17 Pro Launching Next Month With These 12 New Features

Tuesday August 5, 2025 6:25 am PDT by
The calendar has turned to August, and that means the iPhone 17 series is just one month away. Apple has yet to officially announce an event, but it has been rumored that the devices will be announced on Tuesday, September 9. Subscribe to the MacRumors YouTube channel for more videos. Below is the August 2025 edition of our iPhone 17 Pro rumor recap, for an up-to-date overview of what to...
Read Full Article45 comments
maxresdefault

Google Makes Fun of Apple Intelligence Siri Delay in Ad Promoting Pixel 10

Monday August 4, 2025 10:04 am PDT by
Google today used Apple's Siri failure to lure customers to the upcoming Pixel 10 series, sharing an ad that calls out the delayed Apple Intelligence Siri functionality. With the spot, Google is shaming Apple for the misstep, suggesting Apple users should purchase a Pixel 10 smartphone instead.If you buy a new phone because of a feature that's coming soon... But it's been coming soon for...
Read Full Article230 comments
iPhone 17 Pro in Hand Feature Lowgo

iPhone 17 Pro's Metal Battery Allegedly Revealed [Updated]

Saturday August 2, 2025 7:30 am PDT by
Update — August 2: Majin Bu now says that this battery is actually for the iPhone 17 Pro, instead of the iPhone 17 Air as they originally claimed. There will apparently be two variants, for models with and without a physical SIM card tray. "Due to a miscommunication with my source, the information I reported yesterday is incorrect," said Majin Bu. Original story follows. A leaker...
Read Full Article113 comments
Apple TV 2025 Thumb 3

New Apple TV Still Launching This Year

Tuesday August 5, 2025 4:14 am PDT by
Apple is still on track to release a new Apple TV model later this year, according to a reliable source speaking to MacRumors. According to a source familiar with the company's plans, Apple is highly likely to replace the current Apple TV 4K with a new model later this year. The current model will be discontinued. Today's Apple TV 4K came out in 2022, featuring the A15 Bionic chip,...
Read Full Article83 comments

Top Rated Comments

krewger Avatar
krewger
55 months ago
So…. It’s been hacked to be a customizable nfc tag. Looks like a lot of trouble to go through. I could also just put new nfc tags inside the AirTag’s case and accomplish the same thing. Security on your personal device is already in place - the link is displayed on the phone asking if you want to open it first before visiting the URL. https://electronics.howstuffworks.com/nfc-tag.htm
Score: 21 Votes (Like | Disagree)
Puonti Avatar
Puonti
55 months ago

The AirTag does not carry other data than its own position.
I don't believe this is accurate. As I understand it:

An AirTag does not know where it is. All it does for location tracking is transmit radio waves. Devices that do know where they are can detect the AirTag, and then tell the FindMy network "I am at this location, and hey there's an AirTag here".
Score: 18 Votes (Like | Disagree)
Jumpinbeans Avatar
Jumpinbeans
55 months ago
Basically if you find an airtag and don't know why its there or who it belongs to and its not worth scanning as it may be compromised - smash it :)
Score: 17 Votes (Like | Disagree)
szw-mapple fan Avatar
szw-mapple fan
55 months ago

So if you lose your AirTag and then find it after one day for example, you cannot trust it anymore? Or if you find someones AirTag should you be also wary of placing it near your own phone? This gets interesting.
This won't apply to the vast vast majority of users. It's a security exercise that's just to prove it's possible. People who needs to be worried about this type of exploits won't be using any trackers of this type anyways.
Score: 14 Votes (Like | Disagree)
Unregistered 4U Avatar
Unregistered 4U
55 months ago
Next up from security researchers
“SWALLOWING AIRTAGS COULD COMPROMISE YOUR DIGESTIVE SYSTEM… WHAT YOU NEED TO KNOW”
or
“if you glue your house key to your airtag and then lose it, AIRTAGS COULD ALLOW SOMEONE ENTRY INTO YOUR HOUSE!”
Score: 11 Votes (Like | Disagree)
tomekwsrod Avatar
tomekwsrod
55 months ago
So if you lose your AirTag and then find it after one day for example, you cannot trust it anymore? Or if you find someones AirTag should you be also wary of placing it near your own phone? This gets interesting.
Score: 9 Votes (Like | Disagree)
Read All Comments