Much is said about The danger of counterfeit accessories for your Apple products (or from any other manufacturer): In addition to not complying with expected quality standards, they can also pose hardware safety risks.
However, a hacker recently took it one step further and proved that it is possible to create an extension that also threatens your digital security and privacy – all through a little technology embedded in a seemingly harmless cable. Lightning.
The hacker, known only as MGCreate a compact Lightning to USB-C cable keylogger built-in. Connection OMG cable It works with iPhones, iPads or Magic Keyboards and is capable of capturing everything you type, including passwords and sensitive data, and sending it to criminals within 1.6 km (!)
NS keylogger It works through a small chip placed at the end of the cable with a USB-C connector, making the accessory indistinguishable from the original. By connecting the cable to one of your devices, it activates its Wi-Fi network with a range of up to 1.6 km. On the other hand, all a hacker has to do is be in range of the network, connect to it, and collect all your typing data through any browser.
The video below shows a demonstration of how it works:
Previous version of the cable The malware is able to silently open a terminal session on your Mac (using the extension to connect your iPhone to your computer, for example) and allow an attacker to execute commands remotely, possibly breaking into your device and taking control of it.
The tool also has “security” features, such as the ability for a hacker to block the transmission of information to other devices, reset keys on a remote keyboard or simulate the identity of USB devices to which the cable is connected.
Even more worrisome, the cables are commercially available: MG has already begun mass-producing them, and the partner cybersecurity firm has units for sale. Despite this, the cable manufacturing process is slow – especially now, with the crisis in the world of chips – and availability is very limited. Prices are also exorbitant, revolve around 200-300 USD.
So we are talking about a tool that agencies (and criminal groups) will certainly use to spy only on figures of high public importance, such as journalists, activists, and politicians. However, stay vigilant as usual: don’t even think about connecting any cables to your devices, always be on the lookout for your belongings when in public and always use original accessories. Let’s not give soup randomly after all.
via vice