Hacking just continues to get more and more sophisticated. Cables now exist that can mimic “real” cables but also provide an avenue for hackers to steal your data. The newest versions of the OMG cable mimic an Apple lightning cable and USB-C cable. But while they charge or connect your devices, a hacker is stealing your information or possibly offloading malware.
The Birth of OMG Lightning and USB-C Cables
Worse yet, this threatening accessory was created just to prove people wrong.
MG, a security researcher, created the OMG cables. More recent iterations of the OMG cables mimic Apple Lightning and USB-C cables. These are used to attach an accessory, such as a keyboard, to your computer or charge a phone or other device. With the new connection types, hackers have more capabilities to play with.
“There were people who said that type C cables were safe from this type of implant because there isn’t enough space. So, clearly, I had to prove that wrong :),” wrote MG in an online chat of his newest cables.
How OMG Cables Work
An OMG cable creates a Wi-Fi hotspot that allows hackers to connect to it. The hacker uses their own device to connect to the hotspot via an interface on a browser. This allows them to start recording the keystrokes of the person using the OMG cable.
These cables have an implant to do their dirty work and now also have geofencing features. This allows the hacker to start stealing data or offloading malware based on location.
“It pairs with the self-destruct feature if an OMG cable leaves the scope of your engagement, and you do not want your payloads leaking or being accidentally run against random computers,” said MG.
“We tested this out in downtown Oakland and were able to trigger payloads at over one mile,” he continued. This is a frightening reality.
The OMG cables now having USB-C technology means the hacking isn’t confined to just computers – now the attacks can be carried out on smartphones and tablets as well. The new capabilities of the OMG cable allow it to be used to change keyboard mapping and fake the identity of devices.
As a reminder, the hacker isn’t using the OMG…