White-Hat Hacker Develops Proof-of-Concept Malicious Lightning Cable

Lightning cables, intended for use with iPhone, iPad, and iPod, are some of the most widely used cables by consumers. We see an abundance of Lightning cables available anywhere from online retailers to brick and mortar shops. With Lightning cables in high demand, there are several cable manufactures that produce and sell such cables to consumers; while many of them are certified MFi (Made for iPhone) compliant, there are also many that are not, and these companies have been known to distribute potentially dangerous and unsafe products.

 How Counterfeit Cables Can be Malicious and Intrusive

While counterfeit Lightning cables have been known to cause issues with end devices, one recent development in the world of hacking investigates the potential phishing threats that can occur with bugged, malicious Lightning cables. A recent article by Apple Insider, “White-hat hacker demonstrates malicious Lightning cable with built-in Wi-Fi” discusses how a white-hat hacker has developed a new type of hacking technology implemented into Lightning cables to better understand its susceptibility to other parties.

White-hat hacker developed proof-of-concept malicious Lightning cable to demonstrate how seemingly normal Lightning cables can potentially case security threats to consumers.

 

Ethical Hackers

White-hat hackers are computer security specialists that are equipped to ethically hack into systems to determine the vulnerability threat they may pose to the public. One in particular developed a proof-of-concept cable, commonly known as the O.MG Cable (Offensive MG kit). This cable appears to be like any other Lightning cable, except it contains a hidden Wi-Fi chip that would allow someone to seize control of the connected Mac computer.

The article goes further into this proof-of-concept and explains, “When attached [the O.MG cable] can deliver and trigger code payloads, potentially even reflashing a system”. In a complementary video, it shows just how these bugged cables can open an attack on a Mac, simply by becoming connected to the laptop device. Once the cable is connected, it is then controlled remotely through another iPhone web interface using Wi-Fi.

Important Consumer Information

Because malicious incidences like these are possible, it is important for consumers to be aware of the cables they are purchasing and whether or not they are being produced by a compliant manufacturer. In order to ensure a safe and quality-made cable, consumers should look out for the compliance logo labeled on the product, whether this be for USB, Apple MFi, or HDMI, and only purchase certified or OEM (Original Equipment Manufacturer) cables.

Manufacturers Test Compliance

Because cables produced today have a higher likelihood of presenting unsafe or dangerous circumstances due to their advanced and complex infrastructure, Total Phase now provides cables manufactures a comprehensive cable testing tool to ensure safety and quality during production, called the Advanced Cable Tester v2. This tool is designed to quickly and affordably test a variety of USB, Apple Lightning, and video cables in environments ranging from laboratory testing to mass-scale production lines. Our complete set of tests include validating pin continuity, measuring the DC resistance and IR drop, testing the signal integrity on high speed and superspeed lines present up to 12.8 Gbps, and verifying E-marker. Specifically, our support for Lightning cables allows manufacturers to test the Lightning plug bring up and function, over-voltage protection, voltage recovery, and quiescent current consumption on Lightning cables. For more information on the Advanced Cable Tester v2, please visit our website, or contact us at sales@totalphase.com.