Obsessed with technology?
Subscribe to the latest tech news as well as exciting promotions from us and our partners!
By subscribing, you indicate that you have read & understood the SPH's Privacy Policy and PDPA Statement.
News
News Categories

PSA: Your computer can now be hacked from a simple Lightning cable

By Marcus Wong - on 14 Aug 2019, 3:02pm

PSA: Your computer can now be hacked from a simple Lightning cable

Motherboard reports that a security researcher known as MG has successfully modified his Lightning cable to allow him to gain remote access to the computer that it’s plugged into.

"It looks like a legitimate cable and works just like one. Not even your computer will notice a difference. Until I, as an attacker, wirelessly take control of the cable," said the security researcher known as MG.

In a demonstration to Motherboard, MG had the writer plug his cable into his computer. MG then typed in the IP address of the cable to his phone’s browser and was presented with a list of options such as opening a terminal to the writer's Mac, from which all manner of tools could be run.

Dubbed the "O.MG cable", the cable comes with various scripts that an attacker can run, and there’s also a “kill” switch so the hacker can remotely disable the USB implant, hiding his traces. MG says the cables were made by hand, with real Apple cables modified to include the implant.

Because the malicious cable is able to act as a Wi-Fi hotspot, MG is also able to connect to the cable wirelessly, so the attacks can come from up to 300 feet away via a simple smartphone. However, he says the cable could also be configured to act as a client to a wireless network connected to the internet. In this case, the distance basically becomes unlimited; a scary thought for those of us using Lightning cables on a regular basis.

It seems MG has already sold a large batch of his hacked cables at Defcon.

Working with a group of fellow developers, MG has already released the cable out in the wild at Defcon; selling them for US$200 a piece. However, he apparently now wants to have the cables produced as a legitimate security tool, and will make the new cables from scratch instead of modifying Apple ones.

Nothing has been said as to the number of cables that were sold, but it's safe to say this concept is out in the wild, just waiting to be taken further. We'd recommend to be certain of the source of your Lightning cables; at least the ones you plug into your computer for data transfer. That new cable might just be the gateway a hacker needs to your information.

Sources: Motherboard, MacRumors, MG's blog

Loading...