AirTag vulnerability turns tracker into Trojan horse, fix incoming

A recently discovered AirTag weakness allows would-be attackers to redirect users to a malicious webpage when the device is scanned in Lost Mode, effectively turning the tracker into a Trojan horse.

Lost Mode is a tentpole AirTag capability that, when activated, allows anyone with an NFC-capable device to scan the tracker and read a programmed discovery message that includes an owner's phone number. The feature assists in the return of lost items like car keys if the Find My network fails to locate a lost AirTag.Researcher Bobby Rauch has uncovered a vulnerability that turns Lost Mode into a potential attack vector. Outlined by Krebs on Security, the feature generates a unique URL at https://found.apple.com, where owners can enter a personal message and phone number should the device be found. Rauch discovered that Apple's systems do not prevent injection of arbitrary code into the phone number field, meaning unsuspecting good Samaritans who scan the device can be sent to a malicious website.

Read more...