Hacked Lightning cables allow an attacker to take over your Mac

A security researcher has created hacked Lightning cables that allow someone to take over a computer as soon as they are plugged into a Mac or PC.

Although the first version was a one-off, the researcher — known as MG — has now shown they can be factory-produced…

Author Ad Placeholder
Will only appear on redesign env.

Motherboard had a demo of the handmade cable over the summer, verifying that it did what it claimed, and reports on the latest development after an online chat with MG.

Soon it may be easier to get your hands on a cable that looks just like a legitimate Apple lightning cable, but which actually lets you remotely take over a computer. The security researcher behind the recently developed tool announced over the weekend that the cable has been successfully made in a factory […]

MG is the creator of the O.MG Cable. It charges phones and transfers data in the same way an Apple cable does, but it also contains a wireless hotspot that a hacker can connect to. Once they’ve done that, a hacker can run commands on the computer, potentially rummaging through a victim’s files, for instance.

After demoing the cable for Motherboard at the Def Con hacking conference this summer, MG said, “It’s like being able to sit at the keyboard and mouse of the victim but without actually being there.”

At the time, MG was selling the handmade cables at the conference for $200 each. Now that production process has been streamlined.

This doesn’t mean the hacked Lightning cables are being put into mass production, and one hopes that MG is responsible about who he allows to buy them, but it does show that these devices can be manufactured at scale. $200 per cable would be a small sum to pay for a nation state, for example, who wanted to do something like get them included in goodie bags at international conferences.

It underlines the importance of never borrowing a cable from someone unless you trust them, and never plugging in a USB key from an unknown source. MFi branding is no guarantee, as these doctored cables have it. The safest bet is always to either buy official Apple cables or other known brands, like Amazon Basics.

FTC: We use income earning auto affiliate links. More.

Spike slack competitor
You’re reading 9to5Mac — experts who break news about Apple and its surrounding ecosystem, day after day. Be sure to check out our homepage for all the latest news, and follow 9to5Mac on Twitter, Facebook, and LinkedIn to stay in the loop. Don’t know where to start? Check out our exclusive stories, reviews, how-tos, and subscribe to our YouTube channel

Check out 9to5Mac on YouTube for more Apple news:

Comments

Author

Avatar for Ben Lovejoy Ben Lovejoy

Ben Lovejoy is a British technology writer and EU Editor for 9to5Mac. He’s known for his op-eds and diary pieces, exploring his experience of Apple products over time, for a more rounded review. He also writes fiction, with two technothriller novels, a couple of SF shorts and a rom-com!


Ben Lovejoy's favorite gear