During the Spring Loaded event on April 20, Apple unveiled the latest tracking device, the AirTag.
Less than a week after its release, however, German security researcher Thomas Roth found a way to hack it.
He then hacked the microcontroller on the AirTag and entered the URL of his personal website instead of the FindMyDevice web address, which is the NFC URL that was shared when the AirTag was put into lost mode.
This microcontroller controls AirTag’s processing unit, memory and other devices, giving the hacker the ability to control it as he pleases.
Although he did not elaborate on how this was done, the MacRumors website points out that it could be very useful for processes such as phishing attacks.
However, Apple will soon fix this vulnerability through a software update, which will prevent devices with such modified firmware from connecting to the Find My network, and will lock down the firmware as well.