Posted on August 12, 2019 at 7:33 PM
Android devices aren’t the only ones at risk of suffering cyberattacks. As it turns out, Apple customers can be the victims of malicious behavior through seemingly harmless ways, most notably, the lightning cable that comes with iPhones, even with the newest iPhone XS and also AirPods.
Hackers are using a modified version of the aforementioned cable to vulnerate security systems and “hijack” Mac computers, releasing the horror around the cybersecurity industry.
An Altered Version of an iPhone Cable
Vice is reporting that MG, which is a known security researcher, recently showcased an altered version of the famous lightning cable, which has the capability to take over the device of naive users and provide the hacker with the tools it needs to gain remote access to the computer, including all the relevant data and information in the storing units.
The announcement made by MG came in the annually held hacking gathering Def Con, where he explained more details about the cable that has every iPhone and Mac owner worried and on the alert. MG called the little piece of hardware the “O.MG Cable,” in clever wordplay.
The expert observed that while it looks like a real, working, and fully functioning cable, the reality is that it is not. He also said that not even the computer would know the difference between the O.MG cable and a legitimate one until the hacker takes control of it.
MG also talked about how a hacker could do to exploit vulnerabilities in the victim’s system while using the cable. He stated that switching a working cable with the O.MG one to take over the victim’s computer would be simple.
For example, MG suggests that the malicious cable could be given to the victim as a gift, being so hard to pinpoint the differences between the real deal and the modified, malicious version of it.
It Looks Exactly the Same as an iPhone Cable
One of the most dangerous situations for potential victims is that the O.MG cable looks almost exactly like a legitimate one, even with the small and sticky paper that holds everything together that the tech giants’ cords implement.
The “fun” (for the attacker, at least, not for the victim) begins when the targeted individual plugs the modified and malicious version of the cable in its computer. At that moment, the hacker will be able to write the cable’s IP address into the browser of a phone. While being there, the attacker will have various options to inflict damage, with terminal access being the most notable one.
Once in the terminal, the attack perpetrator will have the ability to run apps and control other tools on the person’s computer. All that was achieved with a cable that looks just like a real one, but is not.
The story about the cable was featured in the Cybersolutions’ Twitter account, which explained that the cable was used and plugged just like a real one and had normal results: after connecting it to an iPod and a Mac, the formed started charging, the iTunes spotted it, and the iPod asked whether to trust this computer or not.
Just Like Being in Front of the Victim’s Mac
Per MG, the situation allows the attacker to use the victim’s computer just as if the former is sitting in front of it, but without the physical presence. He also stated that the hardware pieces are done by him, by hand, via a careful process that involves changing real Apple cables to add his “magic.”
He said that he created every element of the implant in his kitchen, where he merged all of them into a cable. The O.MG cables are being sold at a $200 price and, according to their creator, the hacker can be at a distance of maximum 300 feet to the victim’s device with a smartphone and it will be able to connect directly. An antenna would allow reaching longer distances.