White-hat hacker demonstrates malicious Lightning cable with built-in Wi-Fi

article thumbnail

AppleInsider is supported by its audience and may earn commission as an Amazon Associate and affiliate partner on qualifying purchases. These affiliate partnerships do not influence our editorial content.

Illustrating the potential threat from untrusted accessories, a hacker has developed a proof-of-concept Lightning cable with a hidden Wi-Fi chip that could allow parties to seize control of a Mac.

Nicknamed the "O.MG Cable," it closely resembles Apple's own official products. When attached though it can deliver and trigger code payloads, potentially even reflashing a system, according to its creator. In a video, the cable — controlled remotely via an iPhone Web interface — is shown opening up a phishing website on a Mac, then the O.MG project page.

"I am going to work on getting a batch of these made for researchers and those working in the industry," the latter promises.

Practically speaking most people are unlikely to face a bugged Lightning cable, since they're buying from Apple directly or MFi-certified vendors. The O.MG technique also appears to require an attacker to be within local Wi-Fi range, making it of little use even to most black-hat hackers.

Conceivably though some variant could be used in political or corporate espionage, substituted in place of a target's normal cable.