A security researcher who goes by the name MG has demonstrated how a seemingly ordinary USB-C to Lightning cable could serve as a keylogger and relay everything you type to potential hackers and bad actors.
A report from Motherboard claims that MG had demonstrated an earlier version of the cables at a conference in 2019. Now the cables are sold by cybersecurity vendor Hak5.
In an online chat with Motherboard, MG revealed that people assume a Type-C cable would be safe from a keylogger-style implant. “So, clearly, I had to prove that wrong,” he said.
His creation called OMG Cables conceal a malicious implant that occupies around half the length of the connector’s plastic shell. Once the cable is hooked up to a keyboard and a Mac, the cable creates a WiFi hotspot of its own that the hacker or bad actor can connect to, using their own device. Then, an interface in a nondescript web browser allows the hacker to start recording the victim’s keystrokes.
According to MG, the cables have improved since he showcased them at the DEFCON hacking conference in 2019. Although Motherboard only tested the cables with the hacker’s device in close proximity, MG claimed that the new cables can transmit data up to a mile away. He said that the new ones also have geofencing features so a user can trigger or block the malicious implant’s payloads based on the physical location of the cable.
The security researcher explained that the geofencing feature ties in well with the self-destruct capability that activates in case an OMG Cable leaves the “scope of the hacker’s engagement”. This prevents leakage of payloads (logged keystrokes) or being accidentally run against random computers. The versatile Type-C connector also allows the cable to interface with and attack a variety of devices including smartphones and tablets.
Besides these eerie advancements, MG said that the cable can change keyboard mapping, meaning that hackers can redefine what each keystroke sends to the victim’s connected computer. The OMG Cable can also forge the identity of other specific USB devices so it can pretend to be a connected peripheral that uses a particular vulnerability on the victim’s computer.
Visually, the OMG Cable looks exactly like an OEM Apple Lightning to USB-C cable with no telltale signs on the outside. MG reportedly has a similar black-colored USB-C to USB-C cable for non-Apple products.
[Via Motherboard]