Cybersecurity expert Zach Duffman explained in an article in Forbes magazine why you should stop using other people’s iPhone or iPad charging cables.
The cybersecurity specialist warned of the danger of the Lightning O.MG device, which is an exact replica of the original Apple charging cable developed by security researcher Mike Grover and released in 2019, and features a separate Wi-Fi access point, geolocation and keystroke logging. Keys, among other functions.
These cables can be controlled in two ways: An attacker can directly enter a cable access point or connect the cable to a network to find his own way to any device.
As Grover explained in an interview with “Forbes”, his device was not designed to attack “iPhones”, but “Macs” and other computers that they connect to for charging or syncing.
Initially, the cables were built manually by Grover, and the original cables were very easy to distinguish. “At the time, I just wanted to see if I could do it: produce something small enough,” he said, adding that he is not planning to equip hackers with his hardware, but instead intends this as a warning.
Later the design was improved and the cables became completely exact copies. Currently, after replacing the original USB-A cables with the USB-C update, the iPad Pro and various Android smartphone models are also in danger.
The LA DA office warned that “Free shipping could end up draining your bank account. It’s good advice. You shouldn’t really connect your unlocked phone to a random USB socket. If you need to charge in public, use an original charger.”
In addition, experts noted that payload storage opens the possibility of direct attacks from “malware”: “The cables can arm themselves when they are attached to the target and destroy themselves when their location changes.” They explained that there is an attack cycle that allows users to capture the clicks that are made by the user on the keyboard, and this makes it possible to collect information from the device when the person concerned uses it, and to attack it.
However, Grover stressed that his cable is not actually that dangerous, because it deliberately prevented their devices in “mobile attack mode” from charging or syncing phones, “so they have limited ability to use it.”
In addition, specialists advised not to connect the unlocked “smartphone” to any USB port and if it is necessary to recharge the device in a public place, it is better to use its charger.