It looks like a Lightning cable, it works like a Lightning cable, and I can use it to connect my keyboard to my Mac. But it is actually a malicious cable that can record everything I type, including passwords, and wirelessly send that data to a hacker who could be more than a mile away.
This is the new version of a series of penetration testing tools made by the security researcher known as MG. MG previously demoed an earlier version of the cables for Motherboard at the DEF CON hacking conference in 2019. Shortly after that, MG said he had successfully moved the cables into mass production, and cybersecurity vendor Hak5 started selling the cables.
But the more recent cables come in new physical variations, including Lightning to USB-C, and include more capabilities for hackers to play with.
"There were people who said that Type C cables were safe from this type of implant because there isn't enough space. So, clearly, I had to prove that wrong. :)," MG told Motherboard in an online chat.
The OMG Cables, as they're called, work by creating a Wi-Fi hotspot itself that a hacker can connect to from their own device. From here, an interface in an ordinary web browser lets the hacker start recording keystrokes. The malicious implant itself takes up around half the length of the plastic shell, MG said.
MG said that the new cables now have geofencing features, where a user can trigger or block the device's payloads based on the physical location of the cable.
"It pairs well with the self-destruct feature if an OMG Cable leaves the scope of your engagement and you do not want your payloads leaking or being accidentally run against random computers," he said.
Motherboard only tested the cables in relatively close proximity, but MG said they've improved the range of the cables.
"We tested this out in downtown Oakland and were able to trigger payloads at over 1 mile," he added.
A screenshot provided by MG of the interior of an OMG Cable. Image: MG.
He said that the Type C cables allow the same sort of attacks to be carried out against smartphones and tablets. Various other improvements include being able to change keyboard mappings, the ability to forge the identity of specific USB devices, such as pretending to be a device that leverages a particular vulnerability on a system.
Apple did not respond to a request for comment. The set of cables MG provided to Motherboard for testing purposes also included a black USB-C to USB-C cable, which would be designed to mimic cables related to different, non-Apple products.
One of these is a malicious OMG Cable. Image: Motherboard.
The ongoing pandemic has also complicated the manufacturing process for the cables, MG explained.
"The pandemic has made an already difficult process much more difficult with the chip shortage. If any individual component is out of stock, it is basically impossible to find a replacement when fractions of millimeters are important. So I just have to wait 12+ months for certain parts to be in stock," MG told Motherboard in an online chat. "We will easily lose $10k in cables when testing a process change. During the chip shortage, it's hard not to look at a loss like that and see a whole bunch of dead components that cannot be replaced for over a year."
Subscribe to our cybersecurity podcast CYBER, here.