An iPhone charging cable comes with preloaded payload, scripts, and commands that allows hackers to remotely open the terminal on Mac book screen and control the computer.
The lightning cable looks like an ordinary that often used by iPhone users to connect with Macbook to transfer the data, but this weaponized cable comes with extra components that establish the remote connection to the attack.
The security researcher known as MG in Twitter made this dubbed O.MG Cable told motherboard ” “It looks like a legitimate cable and works just like one. Not even your computer will notice a difference. Until I, as an attacker, wirelessly take control of the cable,” “
MG made this cable in hand by modifying the real Apple cables and deploy the implant that performs the various malicious operation including executing the script, remotely “kill ” the USB implant.
Typing an IP address of the cable in phone browser will open a list of options such as opening a terminal on Mac, in which hackers can execute the various commands and run all set of tools.
“In the end, I was able to create 100 percent of the implant in my kitchen and then integrate it into a cable. And these prototypes at Def con were mostly done the same way,” MG said.
He is selling the modified iPhone Charging Cable for $200 each that including “You will get the cable, a bonus physical programmer (if you brick the device or use self destruct), access to the private early access group, and a 50% off discount code that can be used when the production cable goes live on Hak5 “
Also, he wanted to produce as a legitimate security tool in the future and also these cables would be made from scratch rather than modified Apple ones.
Currently, an attacker within 300 feet radius with a smartphone can be able to connect with the computer directly.
“A hacker could use a stronger antenna to reach further if necessary, “But the cable can be configured to act as a client to a nearby wireless network. And if that wireless network has an internet connection, the distance basically becomes unlimited.”MG added.
Some router models have identified a security vulnerability that allows attackers to bypass authentication. To exploit this vulnerability, an attacker…
Hackers often target CrushFTP servers as they contain sensitive data and are used for file sharing and storage. This makes…
DDoS attacks are a significant and growing risk that can overpower websites, crash servers, and block out authorized users with…
Hackers have leveraged an old Microsoft Office vulnerability, CVE-2017-8570, to deploy the notorious Cobalt Strike Beacon, targeting systems in Ukraine.…
In a historic move, Microsoft has made the source code for MS-DOS 4.0, one of the most influential operating systems…
A new attack campaign has been discovered to be employed by the FROZEN#SHADOW, which utilized SSLoad malware for its operations…