When our phones are running low on battery, we do not think twice before plugging in a USB cable to charge them. Likewise, when transferring files to and from other devices, we treat the simple wire as benign. Recently, in a demonstration at DefCon 27, a hacker who goes by the online handle MG infected a simple iPhone USB Lightning cable with “a small Wi-Fi-enabled implant, which, when plugged into a computer, lets a nearby hacker run commands as if they were sitting in front of the screen,” TechCrunch reports.
Per Motherboard, MG made these cables by hand, painstakingly modifying real Apple cables to include the implant.
MG told Motherboard, “It looks like a legitimate cable and works just like one. Not even your computer will notice a difference. Until I, as an attacker, wirelessly take control of the cable.” These dummy cables, named “O.MG cables”, are visually indistinguishable from the original cables. They also work like the original, allowing users to charge their devices via USB or transfer files from their iOS devices.
The hacker not only showcased the infected cable at DefCon but has also put similar cables on sale for $200. “There has been a lot of interest and support behind this project,” MG says on his blog, “and lots of requests on how to acquire a cable. That’s a great feeling!”
Once the cable is plugged into a device, it enables an attacker to mount a wireless hijack of the computer. “Once plugged in, an attacker can remotely control the affected computer to send realistic-looking phishing pages to a victim’s screen, or remotely lock a computer screen to collect the user’s password when they log back in,” TechCrunch writes.
“In the test with Motherboard, MG connected his phone to a wifi hotspot emanating out of the malicious cable in order to start messing with the target Mac itself. MG typed in the IP address of the fake cable on his own phone’s browser and was presented with a list of options, such as opening a terminal on my Mac. From here, a hacker can run all sorts of tools on the victim’s computer”, Motherboard’s Joseph Cox writes.
When asked how close an attacker needs to be to the plugged-in device, MG said, “I’m currently seeing up to 300 feet with a smartphone when connecting directly.” He added, “A hacker could use a stronger antenna to reach further if necessary. But the cable can be configured to act as a client to a nearby wireless network. And if that wireless network has an internet connection, the distance basically becomes unlimited.”
Now MG wants to get the cables produced as a legitimate security tool; he said the company Hak5 is onboard with making that happen. These cables would be made from scratch rather than modified Apple ones, according to Motherboard.
MG said, “Apple cables are simply the most difficult to do this to, so if I can successfully implant one of these, then I can usually do it to other cables.”
How can one avoid getting tricked by the dummy USB lightning cables?
Users should not judge a cable by its looks or external packaging, especially if it is a random cable that was simply lying around. One should also avoid accepting unsolicited chargers, USB dongles, or similar components as gifts from people they do not trust. Also, one should avoid borrowing chargers from people they do not know.
When purchasing any tech component, users should buy from legitimate online sources or from trusted physical stores where the packaging has not been tampered with. While out in public places, one should always ensure their devices, cables, USB dongles, and other components are nearby and secure.
A user on HackerNews is infuriated that the vendors of major operating systems such as Windows, macOS, and Linux have not implemented basic precautions against such devices: “It’s a severe discredit to the major operating system vendors that plugging in a USB stick can still compromise a system.”
The user further adds, “If a USB device identifies itself as a keyboard, the system shouldn’t accept its keystrokes until either that keyboard has typed the user’s login password, or the user uses a different input device to authorize it. If it identifies itself as a storage device, the filesystem driver should be hardened. If it identifies itself as an obscure 90s printer with a buggy driver written in C, it should prompt the user to confirm the device type before it loads the driver.”
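As an added illustration of the keyboard case in that comment (not code from the article, MG, or any operating system vendor), the following Python example lists USB interfaces that declare themselves as boot keyboards on a Linux host and flags any whose vendor/product ID is not on a local allowlist. The allowlist, the function names, and the sample device tree are assumptions constructed for the example; the attribute names are the ones Linux exposes under /sys/bus/usb/devices.

```python
import os
import tempfile
from pathlib import Path

# USB-IF codes: bInterfaceClass 03 = HID, bInterfaceProtocol 01 = boot keyboard
KEYBOARD = ("03", "01")

def _read(*parts):  # read one sysfs attribute, "" if it is missing
    try:
        return Path(*parts).read_text().strip()
    except OSError:
        return ""

def unapproved_keyboards(sysfs_root, allowlist):
    """Return (device, "vid:pid", product) for keyboard interfaces whose
    parent device is not in the allowlist of approved "vid:pid" strings."""
    findings = []
    for name in sorted(os.listdir(sysfs_root)):
        if ":" not in name:  # interface entries look like "1-2:1.0"
            continue
        iface = (_read(sysfs_root, name, "bInterfaceClass"),
                 _read(sysfs_root, name, "bInterfaceProtocol"))
        if iface != KEYBOARD:
            continue
        dev = name.split(":", 1)[0]  # parent device, e.g. "1-2"
        vid_pid = "%s:%s" % (_read(sysfs_root, dev, "idVendor"),
                             _read(sysfs_root, dev, "idProduct"))
        if vid_pid not in allowlist:
            findings.append((dev, vid_pid, _read(sysfs_root, dev, "product")))
    return findings

def build_sample_tree():
    """Constructed sysfs-like tree (hypothetical devices, not real IDs)."""
    root = tempfile.mkdtemp()
    sample = {
        "1-1": {"idVendor": "1111", "idProduct": "0001", "product": "Desk Keyboard"},
        "1-1:1.0": {"bInterfaceClass": "03", "bInterfaceProtocol": "01"},
        "1-2": {"idVendor": "2222", "idProduct": "0002", "product": "Charging Cable"},
        "1-2:1.0": {"bInterfaceClass": "03", "bInterfaceProtocol": "01"},
        "1-3": {"idVendor": "3333", "idProduct": "0003", "product": "Flash Drive"},
        "1-3:1.0": {"bInterfaceClass": "08", "bInterfaceProtocol": "50"},
    }
    for entry, attrs in sample.items():
        os.makedirs(os.path.join(root, entry))
        for attr, value in attrs.items():
            Path(root, entry, attr).write_text(value + "\n")
    return root

if __name__ == "__main__":  # on a real Linux host pass "/sys/bus/usb/devices"
    print(unapproved_keyboards(build_sample_tree(), {"1111:0001"}))
```

A device can report any vendor and product ID it chooses, so the result is an inventory check that surfaces unexpected keyboards, not proof that a listed keyboard is trustworthy. Holding keystrokes until the user authorizes the device, as the commenter proposes, has to be enforced by the operating system itself.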
Another user on HackerNews wondered how one could ensure the cables sold online are legitimate; he writes, “Even more frightening, people selling them as seemingly legitimate cables on Amazon? People will pay you and you get a new botnet. How many could you sell before it’s discovered? How can I, as a consumer, even tell? Amazon will even allow you to sell your malcable under the Apple brand.”
To learn more about this news, head over to Motherboard’s complete report.