This Lightning cable could steal all your passwords

Lightning Cable
(Image credit: FelixMittermeier / Pixabay)

After showcasing a fake Lightning cable at Def Con back in 2019, security researcher Mark Grover (also known as MG) is back with a new version of his OMG Cable.

While MG's custom cable may resemble one of Apple's Lightning cables, its actually part of a series of penetration tools capable of recording everything a user types and wirelessly sending this data to a hacker that can be more than a mile away.

Following the creation of his original prototype in 2019, MG began mass producing his fake Lightning cables and the cybersecurity vendor Hak5 began selling them online.

Now MG's latest cables come in additional variations including Lighting to USB-C to provide hackers with even more capabilities and allow them to gain access to a wider variety of devices.

OMG Cable 2.0

As reported by Vice's Motherboard, MG's OMG Cable work by creating a Wi-Fi hotspot in the cable itself that a hacker can connect to from other devices.

Once connected to the cable, a web interface inside a browser allows a hacker to start recording a victim's keystrokes. According to MG, the hardware used to do this takes up around half the length of the plastic shell.

The latest iteration of the OMG Cable also packs in extra features such as geofencing which allows a hacker to block payloads sent to a device based on the physical location of the cable. There's even a self-destruct feature if an OMG Cable leaves the scope of engagement according to MG.

With the addition of USB-C, the cables now allow attacks to be carried out on a wider range of smartphones and tablets. Other improvements include being able to change keyboard mappings and forge the identity of specific USB devices.

Although MG has created several new variations of his OMG Cable, finding the parts to make them has proved difficult as the global chip shortage has also affected his operations.

Via Motherboard

Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Read more
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Apple users facing new security risks after critical USB component hacked
Find My app logo displayed on an iPhone 11 screen
This Find My exploit lets hackers track any Bluetooth device – here’s how you can stay safe
Ransomware
Microsoft uncovers sleuthy new XCSSET MacOS malware campaign
Ransomware
Microsoft spies a new and worrying macOS malware strain
Fraude en ligne phishing
Google forced to step up phishing defenses following ‘most sophisticated attack’ it has ever seen
Illustration of a laptop with a magnifying glass exposing a beetle on-screen
This devious macOS malware is evading capture by using Apple's own encryption
Latest in Security
Power cables stretching out in front of the horizon
Solar grids could be hijacked and even potentially disabled by these security flaws
Spam messages
Microsoft Stream classic domain hijacked, causing spam across SharePoint
Isometric demonstrating multi-factor authentication using a mobile device.
NCSC gets influencers to sing the praises of 2FA
Sam Altman and OpenAI
OpenAI is upping its bug bounty rewards as security worries rise
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Dangerous new CoffeeLoader malware executes on your GPU to get past security tools
China
Notorious Chinese hackers FamousSparrow allegedly target US financial firms
Latest in News
Power cables stretching out in front of the horizon
Solar grids could be hijacked and even potentially disabled by these security flaws
Lenovo | Thinkpad T14s Gen 6 Snapdragon
Windows 11’s latest patch declares war on BIOS updates for some Lenovo laptops, blocking them as a security risk in a bizarre turn of events
Samsung Galaxy Watch Ultra
Samsung confirms Galaxy Watches aren't tracking sleep properly – here's the fix if you're affected
Tomodachi Life: Living the Dream screenshot showing a Mii smelling some fresh flowers.
Tomodachi Life: Living the Dream is a sequel to my favorite 3DS game, and I think it's already packing the charm that inZOI lacks
Spam messages
Microsoft Stream classic domain hijacked, causing spam across SharePoint
ChatGPT logo
ChatGPT 4o just got better, although I’m yet to notice a difference