June 1, 2021 01:06 GMT
Specialist Zak Doffman warned of the danger of the Lightning O.MG device, a replica of the original Apple cable developed by inventor Mike Grover and released in 2019, which has the ability to geolocate and record keystrokes, among others. functions.
Cybersecurity expert Zak Doffman explained in an article published last Saturday in Forbes why you have to stop using other people’s iPhone or iPad cables.
The specialist warned of the danger of the Lightning O.MG device, a replica of the original cable from Apple Developed by inventor Mike Grover and released in 2019, it features a separate Wi-Fi access point, payload storage, geolocation, and tracking capabilities. record keystrokes, Among other functions. These cables can be controlled by a browser: an attacker can directly enter the cable access point or have the cable connect to a network to find their own route to any device.
As Grover detailed in an interview with Forbes, his device was not designed to attack iPhones, but Macs and other computers to which they connect to charge or synchronize them. Initially, the cables were built by hand by the inventor and it was quite easy to distinguish from the originals. “At the time I just wanted to see if I could do it – produce something small enough,” he said, adding that he does not plan to supply his devices to hackers, but rather this is intended as a warning.
But later the design was refined and the cables became exact replicas. Currently – after the original USB-A were supplanted by a USB-C update – the iPad Pro and various models of Android ‘smartphones’ are also in danger.
In addition, experts pointed out that payload storage opens the possibility of direct attacks by a ‘malware’– Cables can self-arm when on target and self-destruct when their location changes. They explained that there is an attack cycle that allows the user to capture the pressures and then introduce their own. This makes it possible for a device to collect information when a user is using it, to attack it when it is not.
However, Grover stressed that his cable is actually not that dangerous, since it deliberately prevented his devices in “mobile attack mode” from charging or syncing phones, “so have a limited ability to use it without the target knowing“, and noted that they are designed for demonstration and training only.
In addition, specialists They advised not to connect the unlocked ‘smartphone’ to any USB outlet and if it is necessary to recharge the device in a public place, it is better to use its own charger. “USB cables are designed for data, remember,” they added.
If you found it interesting, share it with your friends!