According to security researcher Bobby Raunch, the attack exploits the way Lost Mode of AirTags is set up.
Although Apple’s Bluetooth-enabled item trackers called AirTags are pretty helpful as you can attach important objects like wallets or keys to prevent them from going missing, they are still vulnerable to hacking and not entirely trustworthy.
According to penetration tester and security researcher Bobby Raunch and cybersecurity blogger Brian Krebs, there is an exploit that allows AirTags to be used as credential hacking and data theft vectors.
This issue is attributed to its design flaw that lets hackers use them for malicious purposes.
About the Good Samaritan Attack
The attack exploits the way Lost Mode is set up. It can easily be used to target a good Samaritan, which in this scenario, refers to anyone who finds a lost AirTag and intends to return it to its legit owner.
According to Krebs’ blog post, this is a classic scheme that works pretty much the same way as a hacker leaving a malware-infected flash drive in a public space, such as a company parking lot, and someone picks it up and plugs the drive into their computer, which unleashes