If the AirTag has been set to lost mode, the new $30 AirTag tracking device from Apple has a feature that lets anyone who finds one of these tiny location beacons scan it with a mobile phone and know its owner’s phone number. However, according to new research, the Good Samaritan can be redirected to an iCloud phishing page – or any other malicious website.

The AirTag’s “Lost Mode” allows users to notify Apple when an AirTag goes lost. When you set it to Lost Mode, it produces a unique URL at https://found.apple.com and allows you to enter a personal message and contact phone number. Anyone who finds the AirTag and scans it with an Apple or Android phone will see the unique Apple URL with the owner’s message right away.

When scanned, an AirTag in Lost Mode will display a brief message instructing the finder to contact the owner at the phone number provided. This data appears without requiring the finder to log in or enter any personal information. However, the common Good Samaritan may be unaware of this.

This is significant because Apple’s Lost Mode currently does not prevent users from putting arbitrary computer code into its phone number field — for example, code that prompts the Good Samaritan’s device to visit a bogus Apple iCloud login page.

Bobby Rauch, a security consultant and penetration tester located in Boston, discovered and reported the issue to Apple. According to Rauch, the AirTag flaw makes the devices cheap and potentially very effective physical trojan horses.

Also read,

“I can’t think of another scenario when so little consumer-grade tracking devices at such a low cost may be weaponized,” Rauch added.

Consider the following scenario: an attacker leaves a malware-infected USB flash drive in the parking lot of a company he wishes to break into. The chances are that some employees will pick up the disc and insert it into a computer just to check what’s on it (the drive might even be titled something enticing, like “Employee Salaries”).

You’re not far off the mark if this sounds like a plot from a James Bond film. The infamous Stuxnet virus was most likely introduced into the internal, air-gapped network that powered Iran’s nuclear enrichment facilities a decade ago through a USB stick with malware. A USB flash drive left in the parking lot of a US Department of Defense facility was linked back to a cyber attack billed at the time as the “biggest penetration of US military networks in history.”

In today’s version of the story, a weaponized AirTag tracking device may be used to lead the Good Samaritan to a phishing page or a website that attempts to install malicious software on her device.

Rauch contacted Apple about the flaw on June 20, but the firm would only tell that it was still investigating for three months when he enquired about it. Last Thursday, Rauch received a follow-up email from the company, in which they stated that they planned to resolve the flaw in an upcoming update and that in the meantime, would he mind not discussing it publicly?

Rauch claimed that Apple never responded to basic queries he had concerning the flaw, such as if they had a timetable for addressing it and, if so, whether they planned to credit him in the accompanying security warning. Or whether his submission would be eligible for Apple’s “bug bounty” program, which offers monetary prizes of up to $1 million to security experts who discover security flaws in Apple devices.

Rauch stated that he has reported numerous software vulnerabilities to other vendors over the years and that Apple’s lack of communication prompted him to go public with his findings — despite Apple’s claim that staying silent about a bug until it is fixed is how researchers qualify for recognition in security advisories.

“I told them, ‘I’m happy to cooperate with you if you can provide some information of when you plan on remediating this, and whether there would be any recognition or bug bounty payout,’” Rauch said, adding that he told Apple he intended to publish his results within 90 days of alerting them. “Their response was essential, ‘We’d like it if you didn’t release this.'”

Rauch’s experience is similar to that of other academics cited in a recent Washington Post article about how unpleasant it can be to report security flaws to Apple, a notoriously secretive company. The most common concerns were that Apple takes too long to resolve bugs, that it does not always compensate or publicly credit hackers for their disclosures, and that researchers frequently receive little or no feedback from the firm.

Of course, there is the possibility that some researchers will decide it is less of a burden to sell their vulnerabilities to vulnerability brokers or on the darknet, both of which sometimes pay significantly more than bug bounty rewards.

There’s also a chance that disgruntled researchers would simply publish their results online for everyone to see and exploit, regardless of whether the vendor has issued a patch. Earlier this week, a security researcher going by the pseudonym “illusion of chaos” published writeups on three zero-day vulnerabilities in Apple’s iOS mobile operating system, ostensibly in response to irritation with Apple’s bug reward program.

According to Ars Technica, Apple corrected an issue that llusionofchaos discovered on April 29, but Apple failed to credit him in their security alert.

“Frustration with Apple’s failure to keep its promises prompted illusionofchaos to threaten, then publicly withdraw this week’s three zero-days,” writes Jim Salter for Ars. “In illusionofchaos’ own words: ‘Ten days ago, I requested for an answer and threatened that if I didn’t get one, I would make my study public.’ ‘Because my plea was rejected, I’m doing what I stated I’d do.'”

Rauch admits that the AirTag problem he discovered isn’t the most pressing security or privacy issue Apple is dealing with right now. However, he claims that it is not difficult to address this specific flaw, which necessitates extra limits on the data that AirTag users can enter into the Lost Mode’s phone number settings.

“It’s a relatively simple fix,” he remarked. “However, I suppose they’d also like to figure out how this was missed in the first place.”

Requests for comment from Apple have gone unanswered.