Security researcher MG has produced a Lightning cable that looks just like an official Apple cable but leaks everything you type, reports Motherboard. The cable is able to record keystrokes and wirelessly send that data to a hacker up to a mile away.
This is the new version of a series of penetration testing tools made by the security researcher known as MG. MG previously demoed an earlier version of the cables for Motherboard at the DEF CON hacking conference in 2019. Shortly after that, MG said he had successfully moved the cables into mass production, and cybersecurity vendor Hak5 started selling the cables. But the more recent cables come in new physical variations, including Lightning to USB-C, and include more capabilities for hackers to play with.
The cables create a Wi-Fi hotspot that a hacker can connect to from their own device. A web browser interface allows for recording of keystrokes. The new cables now have a geofencing feature that can trigger or block payloads based on the location of the cable.
"It pairs well with the self-destruct feature if an OMG Cable leaves the scope of your engagement and you do not want your payloads leaking or being accidentally run against random computers," he said.
Other features include the ability to change keyboard mappings and forge the identity of specific USB devices. There is also a black USB-C to USB-C version to mimic cables for non-Apple products.
More details in the full report linked below...
Read More
This is the new version of a series of penetration testing tools made by the security researcher known as MG. MG previously demoed an earlier version of the cables for Motherboard at the DEF CON hacking conference in 2019. Shortly after that, MG said he had successfully moved the cables into mass production, and cybersecurity vendor Hak5 started selling the cables. But the more recent cables come in new physical variations, including Lightning to USB-C, and include more capabilities for hackers to play with.
The cables create a Wi-Fi hotspot that a hacker can connect to from their own device. A web browser interface allows for recording of keystrokes. The new cables now have a geofencing feature that can trigger or block payloads based on the location of the cable.
"It pairs well with the self-destruct feature if an OMG Cable leaves the scope of your engagement and you do not want your payloads leaking or being accidentally run against random computers," he said.
Other features include the ability to change keyboard mappings and forge the identity of specific USB devices. There is also a black USB-C to USB-C version to mimic cables for non-Apple products.
More details in the full report linked below...
Read More