Be Careful Who You Trust – Even With A Charging Cable
This is the moral of the story.
A security researcher from California, known as MG, figured out a way to hack computers with just a modified iPhone charging cable. This is really interesting since it is different than most ways in which computers can be exploited.
MG published a blog post here saying everything you need to know.
The premise is quite simple. MG cuts a lightning cable, adds custom components and then puts everything back together. The scary thing is that this modified cable performs and looks just like the one you would buy from the store.
The security researcher showed how the cable, dubbed OMGCable (funny, right?), can be used to remotely hijack a MAC that was connected to it. Various commands were executed.
“It’s like being able to sit at the keyboard and mouse of the victim but without actually being there.”
This pretty much sums it up perfectly. All that a hacker would need to do is type the fake cable’s IP address on the browser on his phone. From there, it is complete chaos.
The big problem here is that you cannot actually realize that you are faced with a fake lightning cable. Any dishonest person can easily replace yours with the fake one. Fortunately, the hacker can just access your MAC just from 300 feet tops. Still possible though.
According to MG, the plan is to sell these modified cables as security tools. Basically, he wants to help law enforcement agencies. The price will be around $100. However, there is no reason why a dishonest hacker would not craft his own cable now that the news is out.
Be sure that you use only your cables, the ones that you bought from the retail store. Also, unfortunately, it looks like we also have to start keeping an eye on our charging cables, not just phones.