A security researcher named Mike Grover has created harmless-looking lighting cables capable of hacking your computer account just by plugging them in. Called the O.MG cables, these cables are fitted with a wireless access point inside their USB connector.
The O.MG cables
Once plugged into a computer, the O.MG cables can be triggered to let a hacker remotely connect to your device. "It looks like a legitimate cable and works just like one. Not even your computer will notice a difference. Until I, as an attacker, wirelessly take control of the cable," Grover told Motherboard.
Grover made the cables in his kitchen by hand, modifying real Apple cables, and is now selling them for $200 each. Motherboard asked about the distance required for the hack to work.
OMG! 2 months + 8 devs + O•MG Cable = malicious wireless implant update!— _MG_ (@_MG_) April 12, 2019
This update brought to you by the chaos workshop elves: @d3d0c3d, @pry0cc, @clevernyyyy, @JoelSernaMoreno, @evanbooth, @noncetonic, @cnlohr, @RoganDawes
More info: https://t.co/kkhUppsqiC#OMGCablepic.twitter.com/fIzOaKJSxL
"I’m currently seeing up to 300 feet with a smartphone when connecting directly," said Grover. "But the cable can be configured to act as a client to a nearby wireless network. And if that wireless network has an internet connection, the distance basically becomes unlimited."
Legitimate security tools
The technology is not new. Supposedly the NSA had their own version of the O.MG cables called COTTONMOUTH.
Before you dismiss this as just a Defcon toy, it should be noted that Grover is looking into producing the cables as legitimate security tools. And the company Hak5 is reportedly on board.
This means the cables would be made from scratch rather than modified, making them even less suspicious-looking. You have to wonder what kind of security tool would work with a hack. For now, we will just have to learn to be a lot more careful with our cables too.