Apple's AirTag helps people find and track items like their keys or computer bag. While consumers like its convenience, researchers are attracted to its technology. For example, at the IEEE's 2022 Symposium on Security and Privacy, a research team plans to present their paper on how they successfully cloned an AirTag with a Pi Pico!
The AirTag contains two significant ICs. The first is Nordic's nRF52832. It provides Bluetooth 5, Bluetooth Low Energy (BLE), and near field communication (NFC) connectivity to nearby iOS devices. For range finding, Apple uses its own U1 chip, which contains an Ultra-wideband (USB) radio.
Some people worry that carrying around a device that transmits location information to the cloud presents security and privacy concerns. For example, when anyone's iOS device detects an AirTag, it provides a conduit for the trackable to communicate its current location with iCloud. Fortunately, Apple designed the AirTag so that only an owner can identify the location of their tag. (A brief description of the key exchange is in the paper.)
This research paper focuses on how to perform a physical voltage glitch attack on the AirTag's nRF microcontroller. Of course, sophisticated tools like the ChipWhisperer can do voltage glitching. However, the research team found they needed only a Pi Pico, a level shifter, a capacitor, and a MOSFET. It takes about three and a half minutes to glitch an AirTag with their AirTag glitcher code running on the Pico.
A successful glitch attack causes the nRF MCU to enable its debug port. Once enabled, you can extract the existing firmware, upload new firmware, or clone an AirTag using an SWD-based programmer. For example, the research team downloaded the configuration data for one tag and then programmed another tag located 850 kilometers away. When the new AirTag booted, iCloud reported the new location!
Interestingly, this cloning demonstrates it is possible to program an AirTag using an existing configuration image without any provisioning from iCloud!
One important note to keep in mind is that this clone attack only works with physical access to the device. In other words, this cloning is not similar to the car key-fob cloning attacks, which work remotely.
In addition to clearly describing the voltage glitch attack, the well-written paper serves as an excellent primer on AirTags and BLE communication. Also, they include some ideas for alternative firmware to run on the nRF. For example, they attempted to use the AirTag's accelerometer as a make-shift microphone with custom firmware.