Blog Summary- Lost AirTags can be potentially dangerous as a security flaw allows to enter a malicious code to it. Read the blog to find out all about Apple’s AirTags vulnerabilities.
Not only have AirTags been widely appreciated for its technology, they are becoming largely popular with the Apple users. But did you know a simple coding mistake on the AirTags has made you vulnerable to serious malware threats. Yes, the AirTags have been used to detect your lost personal items and are carried with you everywhere. But did you know this small smart Bluetooth device can be very dangerous for you.
AirTags are the next-generation tracking devices by Apple. We are talking about your iPhone, iPad, iPod Touch which work with Find My Network to find your lost items attached to AirTags such as keys, backpacks etc. So, if you lost that backpack somewhere on your day out, you can now easily search it with your Find My Network on your Apple devices given the AirTag is attached with it. AirTags use the Bluetooth signals from anonymous iPhone devices to help you guide you to your lost items.
Technology has progressed to help us in the form of small and convenient smart devices such as smartwatch, Bluetooth earplugs, etc. But with the small size of these devices, it also gets difficult to check for the authentic weblinks, URLs, and applications before using them. That’s what the malicious threat actors take advantage of and get into your system and account to steal from you.
Also read: Apple Mail Can be Vulnerable to Email Hack
Why are AirTags not safe?
Apple is known for its security and in recent days has been targeted for a lot of security flaws in many of its devices. Now, the latest news has its AirTags vulnerability uncovered by a researcher. This easily implies that AirTag is easily vulnerable to malware threats as anyone can change the codes in it. Let’s find out more about it here –
According to Bobby Rauch, security consultant and penetration tester Apple’s AirTags are vulnerable. If someone has turned on the Lost Mode on the AirTag that could open up this device to malicious threats. AirTags include contact information being displayed over someone’s phone when they are scanned. This was supposed to help the owner to receive them back from the spotter. But, as the information page will show up with Contact name and phone number on their device, it also easily allows the malware to creep into the device. This in case is highly dangerous as anyone can put malware codes to AirTags and you can’t find that out.
Publication reported – “Security consultant and penetration tester Bobby Rauch discovered that Apple’s AirTags — tiny devices which can be affixed to frequently lost items like laptops, phones, or car keys — don’t sanitize user input. This oversight opens the door for AirTags to be used in a drop attack. Instead of seeding a target’s parking lot with USB drives loaded with malware, an attacker can drop a maliciously prepared AirTag,”
How can malware be added on AirTags?
If you are wondering how a hacker can get into the tight security of Apple’s AirTag then let us break it down. The AirTag asks you to Custom message for its Lost Mode, which is then displayed to anyone who finds it when lost. It will be displayed after it is scanned on an iOS or Android device, using NFC. It will show up your contact details to help you get it back.
But once you enable the Lost Mode on your AirTags which is certain for every user, it will generate a webpage from Apple. This will contain all the information such as the AirTag’s serial number, customized message to be displayed when found and the phone number. In the case of a hacker, they can easily add a payload in the field given for the phone number. Sadly, it also does not require a very good hacker as it’s a simple XSS code which can later on harm the person finding it. Ranging from the iCloud cloning, and collecting personal details from the person who scans it on their device.
However, this is not the first time that AirTags are under the radar of high risk for cyber threats. AirTags which were only launched this year in April in the Apple Event 2021 with other software and hardware. But they have already received the threats for being vulnerable to malware in multiple ways. Earlier it was another researcher named Fabian Braunlein to point out the vulnerability with text messages on Find My Network. Another study conducted on AirTags usage, has shown that it can reveal your location to stalkers and put you in danger. As you enter the global monitoring network by using the AirTags it can also be high risk if it is under cyber-attack.
Must Read: How Can An iPhone And iPad Get Hacked?
With yet another security flaw from Apple, doesn’t it leave the user’s privacy to stake? Who would have thought that AirTags, which are making their way to so many people’s lives for usability, can also become a hazard? If someone as big as Apple also leaves room for mistakes in its devices, who should we trust?
We hope this article helps you keep up with the ongoing AirTags error. We would like to know your views on this post to make it more useful. Your suggestions and comments are welcome in the comment section below. Share the information with your friends and others by sharing the article on social media.
We love to hear from you!
We are on Facebook, Twitter and YouTube. For any queries or suggestions, please let us know in the comments section below. We love to get back to you with a solution. We regularly post tips and tricks along with solutions to common issues related to technology.