I didn’t assume I might be petrified of a USB cable till I went to Def Con. But that’s the place I first realized concerning the O.MG Cable. Released on the infamous hacker convention, the Elite cable wowed me with a mix of technical prowess and its extraordinarily stealth design.
Put merely, you are able to do quite a lot of harm with a cable that doesn’t behave the way in which your goal expects.
What is it?
It’s simply an extraordinary, unremarkable USB cable — or that’s what a hacker would need you to assume.
“It’s a cable that looks identical to the other cables you already have,” explains MG, the cable’s creator. “But inside each cable, I put an implant that’s got a web server, USB communications, and Wi-Fi access. So it plugs in, powers up, and you can connect to it.”
That means this ordinary-looking cable is, the truth is, designed to eavesdrop on the info that passes by way of it and ship instructions to no matter telephone or pc it’s related to. And sure, there’s a Wi-Fi entry level constructed into the cable itself. That characteristic existed within the unique cable, however the latest model comes with expanded community capabilities that make it able to bidirectional communications over the web — listening for incoming instructions from a management server and sending knowledge from no matter gadget it’s related to again to the attacker.
What can it do?
Stressing, once more, that this can be a completely normal-looking USB cable, its energy and stealth are spectacular.
Firstly, just like the USB Rubber Ducky (which I additionally examined at Def Con), the O.MG cable can carry out keystroke injection assaults, tricking a goal machine into considering it’s a keyboard after which typing in textual content instructions. That already provides it an enormous vary of potential assault vectors: utilizing the command line, it may launch software program purposes, obtain malware, or steal saved Chrome passwords and ship them over the web.
It additionally comprises a keylogger: if used to attach a keyboard to a bunch pc, the cable can file each keystroke that passes by way of it and save as much as 650,000 key entries in its onboard storage for retrieval later. Your password? Logged. Bank account particulars? Logged. Bad draft tweets you didn’t need to ship? Also logged.
(This would likely require bodily entry to a goal machine, however there are numerous ways in which an “evil maid attack” will be executed in actual life.)
Lastly, about that inbuilt Wi-Fi. Many “exfiltration” assaults — just like the Chrome password theft talked about above — depend on sending knowledge out over the goal machine’s web connection, which runs the chance of being blocked by antivirus software program or a company community’s configuration guidelines. The onboard community interface skirts round these protections, giving the cable its personal communications channel to ship and obtain knowledge and even a solution to steal knowledge from targets which are “air gapped,” i.e., utterly disconnected from exterior networks.
Basically, this cable can spill your secrets and techniques with out you ever understanding.
How a lot of a menace is it?
The scary factor concerning the O.MG cable is that it’s extraordinarily covert. Holding the cable in my hand, there was actually nothing to make me suspicious. If somebody had supplied it as a telephone charger, I wouldn’t have had a second thought. With a selection of connections from Lightning, USB-A, and USB-C, it may be tailored for nearly any goal gadget together with Windows, macOS, iPhone, and Android, so it’s appropriate for a lot of completely different environments.
For most individuals, although, the specter of being focused could be very low. The Elite model prices $179.99, so that is positively a device for skilled penetration testing, relatively than one thing a low-level scammer may afford to depart mendacity round within the hope of snaring a goal. Still, prices have a tendency to return down over time, particularly with a streamlined manufacturing course of. (“I originally made these in my garage, by hand, and it took me four to eight hours per cable,” MG informed me. Years later, a manufacturing unit now handles the meeting.)
Overall, chances are high that you simply received’t be hacked with an O.MG cable except there’s one thing that makes you a worthwhile goal. But it’s a superb reminder that anybody with entry to delicate data needs to be cautious with what they plug into a pc, even with one thing as innocuous as a cable.
Could I exploit it myself?
I didn’t get an opportunity to check the O.MG cable immediately, however judging by the online setup instructions and my expertise with the Rubber Ducky, you don’t should be an skilled to make use of it.
The cable takes some preliminary setup, like flashing firmware to the gadget, however can then be programmed by way of an internet interface that’s accessible from a browser. You can write assault scripts in a modified model of DuckyScript, the identical programming language utilized by the USB Rubber Ducky; once I examined that product, I discovered it straightforward sufficient to become familiar with the language but in addition famous a number of issues that would journey up an inexperienced programmer.
Given the value, this wouldn’t make sense as a primary hacking gadget for most individuals — however with a little bit of time and motivation, somebody with a primary technical grounding may discover some ways to place it to work.