Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

White-hat hacker demonstrates malicious Lightning cable with built-in Wi-Fi

Illustrating the potential threat from untrusted accessories, a hacker has developed a proof-of-concept Lightning cable with a hidden Wi-Fi chip that could allow parties to seize control of a Mac.

Nicknamed the "O.MG Cable," it closely resembles Apple's own official products. When attached though it can deliver and trigger code payloads, potentially even reflashing a system, according to its creator. In a video, the cable — controlled remotely via an iPhone Web interface — is shown opening up a phishing website on a Mac, then the O.MG project page.

"I am going to work on getting a batch of these made for researchers and those working in the industry," the latter promises.

Practically speaking most people are unlikely to face a bugged Lightning cable, since they're buying from Apple directly or MFi-certified vendors. The O.MG technique also appears to require an attacker to be within local Wi-Fi range, making it of little use even to most black-hat hackers.

Conceivably though some variant could be used in political or corporate espionage, substituted in place of a target's normal cable.



17 Comments

Soli 9 Years · 9981 comments

And people wonder why Apple works so hard to protect your our data with great components like the T-series chips. If a WHH has made this then chances are independent, gov't, or corporate BHH have considered and created something similar already.

StrangeDays 8 Years · 12986 comments

Soli said:
And people wonder why Apple works so hard to protect your our data with great components like the T-series chips. If a WHH has made this then chances are independent, gov't, or corporate BHH have considered and created something similar already.

But but but Apple is just being greedy and trying to rip off consumers with cables that cost $3 more than licensed third parties!

lkrupp 19 Years · 10521 comments

Yeah, I’m not too worried about this but it demonstrates that privacy and security in the digital age is an almost unobtainable goal.

danuff 15 Years · 34 comments

A friend of mine bought a "cheaper" knockoff cable and wondered why it didn't work. She then proceeded to complain about why Apple's cables are more then the knockoffs. This is a VERY GOOD example of why. THANKS APPLE for protecting us yet again.

Soli 9 Years · 9981 comments

Data port privacy is why I try not to use open USB ports, like in hotels and airports. I use my PSU in an outlet (or my MBP or portable battery pack when plugging in it's an option), but I'll likely move to one of the security-focused USB adapters that only allow for charging and actively block data, like LockedUSB.

  • https://lockedusb.com/shop/

I can't wait for Qi charging pads to become more commonplace for topping off a device.