An iPhone Charger Can Hijack Your Computer
Most people wouldn’t even consider the possibility of a charging cable jeopardizing the security of one of their devices. But one hacker wants to raise awareness about the potential dangers malicious charging cables could pose.
A hacker commonly known online as “MG”, rigged an Apple USB Lightning cable with a small Wi-Fi enabled implant, which would allow a nearby hacker to run commands to the device once it’s plugged in. The cable was dubbed the “O.MG Cable.”
The cable is indistinguishable from an ordinary Apple Lightning cable, and all a hacker would have to do is swap it out with a user’s legitimate cable and wait for them to plug the device in. Then the attacker could remotely transmit malicious payloads to the user’s device.
While MG used an Apple Lightning as demonstration, he says the implant can be used in almost any cable and against most target computers, “This specific Lightning cable allows for cross platform attack payloads, and the implant I have created is easily adapted to other USB cable types,” MG said. “Apple just happens to be the most difficult to implant, so it was a good proof of capabilities.”
“Most people know not to plug in random flash drives these days, but they aren’t expecting a cable to be a threat,” he said. “So this helps drive home education that goes deeper.”
The idea that a simple charging cable could pose a serious security threat only heightens the need to ensure sound security measures for businesses and individuals alike.
Story via TechCrunch