Dummy Lightning cables that allow them to gain remote control of computers they're
Mike Grover, who goes by the pseudonym MG, designed the "O.MG cable" to look exactly like a legitimate Lightning cable made by Apple -But they are modified with hardware (including a very tiny wireless access point) that allows a hacker to remotely run various scripts and commands and hijack a targeted device. MG advertised and sold the cable earlier this year at the DEF CON security conference in August 2019 for $ 200, telling motherboard they have been painstakingly crafted by hand in his kitchen. At the time, the motherboard was found to be easily populated.
Now, motherboard reported, MG says he has verified the cables can be made in a factory setting, setting the stage for the devices to be mass-produced. In fact, Hak5 already has a page set up for the cables when they hit the market, billing it as the "result of a lot of malicious USB cable."
The Hak5 page claims numerous features for red teams (researchers and security experts who perform penetration testing on secure systems),
The O.MG Cable allows you to create, save, and transmit entirely remotely. The cable is built with Red Team in mind with features like additional boot payloads, no USB enumeration until payload execution, and the ability to forensically erase the firmware.
On their website, MG says the mass-produced cables will run for around $ 100.
"I've completely torn the cable apart to make sure there aren 't any production stoppers,' MG told motherboard, adding that "I'm just being super transparent about the process" and mostly "everyone who manufactures something is going to keep it up until it's released
"The first batch of production samples are confidence inspiring," Hak5's Darren Kitchen told Motherboard. "We're balancing a number of factors in getting these mixed gadgets produced-and I think everyone is excited about the finished products. The production process has been pretty straightforward, given our experience making pentest [penetration testing] implants. "
The modified cables are still in need of quality assurance, MG told the site. When it comes to commenting on Apple's motherboard, it's "unbelievably using only accessories that have not been diagnosed." in the wild.
This type of security threat is far from new. For example, USB drives with malicious firmware have been a security threat for years. Mac's prior projects also include MacBook Chargers and a USB drive that detonates after uploading malicious code, and the National Security Agency has made similar devices in the past. The O.MG cable is, nevertheless, another reminder that it is not a good idea for a user to plug anything that's not verifiably safe into their devices, whether it's a cable found on the street or at an unsolicited poison from someone at a conference. 19659005] [Motherboard]