A hacker was able to track a person unnoticed for five days with a replica Airtag. The hacker wants to point out security problems with Apple’s Airtag.
The stalking and security problem with the Apple Airtag runs deep. A hacker has now demonstrated this clearly: He was able to track a person for five days with a modified Airtag. The person being pursued did not receive any messages or notifications. The experiment was mutually agreed with the person.
The hacker’s goal was to draw Apple’s attention to the risk of unofficial Airtgs. To do so, he created a “Stealth Airtag,” which includes a power bank and ESP32 firmware. As a result, this fake Airtag has no serial number and is not associated with an Apple ID.
The hacker has gradually worked through the security functions specified by Apple. For example, the loudspeaker that is supposed to play a notification sound: The hacker’s Airtag simply has no speaker, which circumvented this first issue. He points out that air tags with manipulated loudspeakers can be bought online already.
Monitored are not notified via Airtag
The notification that an Airtag is moving with the individual was also bypassed. The modified Airtag constantly sends new signals that the iPhone has not received before. The smartphone is fooled into believing that there are always new air tags in its vicinity and that no one is moving with it.
Only the “Airguard” app created by the TU Darmstadt was able to recognize the Airtag clone. In the manual scanning function, the app automatically assigns a new device to each detected signal. This is how the app also recognizes the replica Airtag.
Overall, the hacker’s attempt showed how difficult it is for those being pursued to recognize an Airtag, especially if it has been copied or modified. The hacker hopes that his experiments have contributed to improved security.