These Legit-Looking iPhone Lightning Cables Will Hijack Your Computer

Posted on Aug 11, 2019

These Legit-Looking iPhone Lightning Cables Will Hijack Your Computer

It looks like an Apple lightning cable. It works like an Apple lightning cable. But it will give an attacker a way to remotely tap into your computer.

I plugged the Apple lightning cable into my iPod and connected it to my Mac, just as I normally would. My iPod started charging, iTunes detected the device, and my iPod produced the pop-up asking if I wanted to trust this computer. All expected behaviour.

But this cable was hiding a secret. A short while later, a hacker remotely opened a terminal on my Mac’s screen, letting them run commands on my computer as they saw fit. This is because this wasn’t a regular cable.

Instead, it had been modified to include an implant; extra components placed inside the cable letting the hacker remotely connect to the computer. One idea is to take this malicious tool, dubbed O.MG Cable, and swap it for a target’s legitimate one. MG suggested you may even give the malicious version as a gift to the target—the cables even come with some of the correct little pieces of packaging holding them together.

MG typed in the IP address of the fake cable on his own phone’s browser, and was presented with a list of options, such as opening a terminal on my Mac. From here, a hacker can run all sorts of tools on the victim’s computer.

Source: vice.com