A researcher made a Lightning cable that may hack your laptop

Dale Earnhardt Jr. and Family Survive Fiery Plane Crash In Tennessee
August 16, 2019
Soldier Awarded Army Commendation Medal for Act of Heroism During El Paso Shooting
August 16, 2019

A researcher made a Lightning cable that may hack your laptop

You in all probability already know that plugging unknown USB flash drives into your laptop is dangerous. There’s an opportunity {that a} bug might give a hacker entry to your private information. But now, it’s not simply drives to be cautious of. A safety researcher has proven how USB cables, even ones that appear like Apple’s Lightning cable, might hijack your machine.

Mike Grover, a safety researcher who reportedly works for Verizon Media and goes by “MG” online, has developed modified Lightning cables that may hack somebody’s laptop, as first reported by Motherboard. MG bought a handful of the “O.MG cables” on the safety convention Def Con, and is working with on-line safety merchandise retailer Hak5 to sell a version of the Lightning-lookalike cable for round $100, he hopes.

MG tells The Verge that his cables look and performance like the usual Lightning cable you get together with your iPhone. But MG hid software program and {hardware}, together with a wi-fi entry level, inside its USB connector. When the cable is plugged into a pc, it may be triggered remotely to aim to steal a consumer’s login credentials or set up malicious software program.

OMG! 2 months + 8 devs + O•MG Cable = malicious wi-fi implant replace!

This replace dropped at you by the chaos workshop elves: @d3d0c3d, @pry0cc, @clevernyyyy, @JoelSernaMoreno, @evanbooth, @noncetonic, @cnlohr, @RoganDawes

More data: https://t.co/kkhUppsqiC#OMGCable pic.twitter.com/fIzOaKJSxL

— _MG_ (@_MG_) April 12, 2019

Cables just like the O.MG cable have existed for over a decade, based on MG. “A lot of these capabilities, a lot of the attack surface, is really nothing new,” he says. The NSA additionally reportedly made a cable that, from what I can inform, is fairly related — it was referred to as COTTONMOUTH and may very well be plugged into somebody’s laptop to wirelessly ship software program to it.

But MG didn’t want the sources of the NSA. He did it in his kitchen, taking an off-the-shelf Lightning cable and modifying it with tiny circuit boards that he reduce himself utilizing a small private circuit board milling machine from Bantam Tools. He developed the software program that runs on the cable with a small staff of collaborators. “It doesn’t require a nation-state anymore to do this,” he says.

MG earlier {hardware} hacking historical past contains a modified Apple USB-C laptop charger that would hijack a consumer’s laptop and a USB thumb drive that literally explodes after installing malicious software. He picked a Lightning cable for this mission as a result of, “out of all of the USB-A connectors, the Apple ones are the hardest to interface with because they’re so small.” He figured that if he might modify a Lightning cable to be a hacking machine, he might modify different kinds of USB cables, too.

Though MG intends for the cable for use by safety researchers, it’s fairly essential to notice that he’s not simply promoting to them. Anyone might theoretically purchase it — together with a foul actor — which appears dangerous. But perhaps that’s the purpose right here; maybe there must be an actual menace for us to take it significantly. MG says he hopes that by documenting his work and promoting the cable at a retailer the place safety researchers already store, these researchers will suppose to defend in opposition to these malicious USB cables forward of potential assaults.

Comments are closed.