These Legit-Looking iPhone Lightning Cables Will Hijack Your Computer
Electronics & Gadgets  
vice

It looks like an Apple lightning cable. It works like an Apple lightning cable. But it will give an attacker a way to remotely tap into your computer.

 

I plugged the Apple lightning cable into my iPod and connected it to my Mac, just as I normally would. My iPod started charging, iTunes detected the device, and my iPod produced the pop-up asking if I wanted to trust this computer. All expected behaviour.
 
But this cable was hiding a secret. A short while later, a hacker remotely opened a terminal on my Mac's screen, letting them run commands on my computer as they saw fit. This is because this wasn't a regular cable. Instead, it had been modified to include an implant; extra components placed inside the cable letting the hacker remotely connect to the computer.
 
"It looks like a legitimate cable and works just like one. Not even your computer will notice a difference. Until I, as an attacker, wirelessly take control of the cable," the security researcher known as MG who made these cables told Motherboard after he showed me how it works at the annual Def Con hacking conference.
 
One idea is to take this malicious tool, dubbed O.MG Cable, and swap it for a target's legitimate one. MG suggested you may even give the malicious version as a gift to the target—the cables even come with some of the correct little pieces of packaging holding them together.
 
MG typed in the IP address of the fake cable on his own phone's browser, and was presented with a list of options, such as opening a terminal on my Mac. From here, a hacker can run all sorts of tools on the victim's computer.
 
"It’s like being able to sit at the keyboard and mouse of the victim but without actually being there," MG said.
 
The cable comes with various payloads, or scripts and commands that an attacker can run on the victim's machine. A hacker can also remotely "kill" the USB implant, hopefully hiding some evidence of its use or existence.
 
MG made the cables by hand, painstakingly modifying real Apple cables to include the implant.
 
"In the end, I was able to create 100 percent of the implant in my kitchen and then integrate it into a cable. And these prototypes at Def con were mostly done the same way," he said. MG did point to other researchers who worked on the implant and graphical user interface. He is selling the cables for $200 each.
 
In the test with Motherboard, MG connected his phone to a wifi hotspot emanating out of the malicious cable in order to start messing with the target Mac itself.
 
"I’m currently seeing up to 300 feet with a smartphone when connecting directly," he said, when asked how close an attacker needs to be to take advantage of the cable once a victim has plugged it into their machine. A hacker could use a stronger antenna to reach further if necessary, "But the cable can be configured to act as a client to a nearby wireless network. And if that wireless network has an internet connection, the distance basically becomes unlimited." he added.
 
Now MG wants to get the cables produced as a legitimate security tool; he said the company Hak5 is onboard with making that happen. These cables would be made from scratch rather than modified Apple ones, MG said.
 
MG added, "Apple cables are simply the most difficult to do this to, so if I can successfully implant one of these, then I can usually do it to other cables."

 
 


 
 


 
More in Electronics & Gadgets
PLAYSTATION 5 TO ARRIVE ON FEBRUARY 5TH – PRICE, SPECS AND ALL

As the arrival date for the PlayStation 5 draws closer, there has been more information than usual. A few days ago, there were reports that the official slogan of t...

Recently posted . 8 views

View: A $21 billion telecom war comes down to just $2

New Delhi wants nearly $21 billion in back license fees and spectrum usage charges, including penalties, interest.  

Recently posted . 10 views

iPhone 12 with 6.7-inch display to be thinner than iPhone 11 Pro Max, ...

The latest reports also claim that the 6.7-inch iPhone 12 model will be slightly taller than the iPhone 11 Pro Max and feature a triple-lens rear camera with larg...

Recently posted . 13 views

Reliance Jio launches UPI payments, to take on Google Pay, Paytm and o...

Reliance has rolled out the new feature within the MyJio app and has made it available to select users (like WhatsApp did with its payment service) ...

Recently posted . 54 views

I tried Microsoft's new browser on my MacBook and got a peculiar surpr...

Could anyone possibly be excited by, or even interested in, a new browser. I tried the new Microsoft Edge on my MacBook Air and examined my feelings.

Recently posted . 15 views

 
 
 

Prashnavali

Thought of the day

I am not afraid. I was born to do this.
Anonymous