It looks like you’ll need to start being a whole lot more careful about where you get your iPhone charging cables. Mike Grover, a security researcher, has developed a charging cable that looks just like a standard iPhone charging cable, but actually allows hackers to remotely take over a computer when plugged in. Not only that, but Grover, who goes by the name MG, is even mass-producing and selling the cable online. The cable was first reported on by Motherboard.
The cable itself can actually charge devices and transfer data, just like a standard lightning cable. It goes beyond that, however, by also offering a wireless hot spot that a hacker can connect to, which then allows the hacker to run commands on a computer, control certain aspects of it, and more. MG is hoping that the cable will help raise awareness of the fact that anything you plug into your computer could be malicious.
“It’s like being able to sit at the keyboard and mouse of the victim but without actually being there,” said MG at the Def Con hacking conference in an interview with Motherboard.
According to the report, MG is distributing the cable, called the O.MG cable, through Hak5, which sells hacking and cybersecurity tools. In other words, you probably won’t accidentally buy a cable that ends up allowing hackers to take control of your computer, but it’s still worth making sure that you buy a cable from a reputable source.
Of course, it’s important to note that cables like this have existed for years now — so it’s not necessarily like the new cable will trigger a new wave of computer hacks. According to a report from The Verge, MG previously made a modified Apple USB-C charger that could similarly take control of a computer.
Ultimately, MG intends for the cable to only be used by security researchers, however, in reality, anyone could buy them. According to the Verge report, MG says he hopes that security researchers will think to defend against USB cables like this and other, similar cables. After all, a malicious cable might not necessarily be the first method of attack that users and researchers think of.