Security Researcher Develops Lightning Cable With Hidden Chip to Steal PasswordsA normal-looking Lightning cable that can used to steal data like passwords and send it to a hacker has been developed,
Vice reports.
<div class="center-wrap">
The "OMG Cable" compared to Apple's Lightning to USB cable.</div>
The "OMG Cable" works exactly like a normal Lightning to USB cable and can log keystrokes from connected Mac keyboards, iPads, and iPhones, and then send this data to a bad actor who could be over a mile away. They work by creating a Wi-Fi hotspot that a hacker can connect to, and using a simple web app they can record keystrokes.
The cables also include geofencing features that allow users to trigger or block the device's payloads based on its location, preventing the leakage of payloads or keystrokes from other devices being collected. Other features include the ability to change keyboard mappings and the ability to forge the identity of USB devices.
<div class="center-wrap"><iframe width="560" height="315" src="
https://www.youtube.com/embed/CqnXchka9Ec" title="YouTube video player" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen data-thumb-size="hqdefault"></iframe></div>
The cables contain a small implanted chip and are physically the same size as authentic cables, making it extremely difficult to identify a malicious cable. The implant itself apparently takes up around half of the length of a USB-C connector's plastic shell, allowing the cable to continue to operate as normal.
<div class="center-wrap">
An x-ray view of the implanted chip inside the USB-C end of an OMG Cable.</div>
The cables, made as part of a series of penetration testing tools by the security researcher known as "MG," have now entered mass production to be sold by the cybersecurity vendor Hak5. The cables are available in a number of versions, including Lightning to USB-C, and can visually mimic cables from a range of accessory manufacturers, making them a noteworthy threat to device security.<div class="linkback">Tag:
Lightning</div>
This article, "
Security Researcher Develops Lightning Cable With Hidden Chip to Steal Passwords" first appeared on
MacRumors.comDiscuss this article in our forums
<div class="feedflare">
<img src="[url]http://feeds.feedburner.com/~ff/MacRumors-Front?d=yIl2AUoC8zA" border="0"></img>[/url]
<img src="[url]http://feeds.feedburner.com/~ff/MacRumors-Front?d=6W8y8wAjSf4" border="0"></img>[/url]
<img src="[url]http://feeds.feedburner.com/~ff/MacRumors-Front?d=qj6IDK7rITs" border="0"></img>[/url]
</div><img src="
http://feeds.feedburner.com/~r/MacRumors-Front/~4/RObLH95NWPI" height="1" width="1" alt=""/>
Source:
Security Researcher Develops Lightning Cable With Hidden Chip to Steal Passwords
