I didn’t suppose I’d be frightened of a USB cable till I went to Def Con. However that’s the place I first realized in regards to the O.MG Cable. Launched on the infamous hacker convention, the Elite cable wowed me with a mix of technical prowess and its extraordinarily stealth design.
Put merely, you are able to do a whole lot of injury with a cable that doesn’t behave the way in which your goal expects.
It’s simply an bizarre, unremarkable USB cable — or that’s what a hacker would need you to suppose.
“It’s a cable that appears equivalent to the opposite cables you have already got,” explains MG, the cable’s creator. “However inside every cable, I put an implant that’s obtained an internet server, USB communications, and Wi-Fi entry. So it plugs in, powers up, and you’ll hook up with it.”
Meaning this ordinary-looking cable is, in reality, designed to eavesdrop on the information that passes by way of it and ship instructions to no matter cellphone or pc it’s related to. And sure, there’s a Wi-Fi entry level constructed into the cable itself. That function existed within the unique cable, however the latest model comes with expanded community capabilities that make it able to bidirectional communications over the web — listening for incoming instructions from a management server and sending information from no matter gadget it’s related to again to the attacker.
What can it do?
Stressing, once more, that it is a completely normal-looking USB cable, its energy and stealth are spectacular.
Firstly, just like the USB Rubber Ducky (which I additionally examined at Def Con), the O.MG cable can carry out keystroke injection assaults, tricking a goal machine into considering it’s a keyboard after which typing in textual content instructions. That already offers it an enormous vary of attainable assault vectors: utilizing the command line, it might launch software program purposes, obtain malware, or steal saved Chrome passwords and ship them over the web.
It additionally accommodates a keylogger: if used to attach a keyboard to a bunch pc, the cable can report each keystroke that passes by way of it and save as much as 650,000 key entries in its onboard storage for retrieval later. Your password? Logged. Checking account particulars? Logged. Unhealthy draft tweets you didn’t wish to ship? Additionally logged.
(This may most likely require bodily entry to a goal machine, however there are a lot of ways in which an “evil maid attack” may be executed in actual life.)
Lastly, about that inbuilt Wi-Fi. Many “exfiltration” assaults — just like the Chrome password theft talked about above — depend on sending information out over the goal machine’s web connection, which runs the chance of being blocked by antivirus software program or a company community’s configuration guidelines. The onboard community interface skirts round these protections, giving the cable its personal communications channel to ship and obtain information and even a option to steal information from targets which might be “air gapped,” i.e., utterly disconnected from exterior networks.
Mainly, this cable can spill your secrets and techniques with out you ever understanding.
How a lot of a risk is it?
The scary factor in regards to the O.MG cable is that it’s extraordinarily covert. Holding the cable in my hand, there was actually nothing to make me suspicious. If somebody had provided it as a cellphone charger, I wouldn’t have had a second thought. With a alternative of connections from Lightning, USB-A, and USB-C, it may be tailored for nearly any goal gadget together with Home windows, macOS, iPhone, and Android, so it’s appropriate for a lot of totally different environments.
For most individuals, although, the specter of being focused could be very low. The Elite model prices $179.99, so that is positively a instrument for skilled penetration testing, slightly than one thing a low-level scammer might afford to depart mendacity round within the hope of snaring a goal. Nonetheless, prices have a tendency to return down over time, particularly with a streamlined manufacturing course of. (“I initially made these in my storage, by hand, and it took me 4 to eight hours per cable,” MG informed me. Years later, a manufacturing unit now handles the meeting.)
Total, chances are high that you simply received’t be hacked with an O.MG cable until there’s one thing that makes you a worthwhile goal. Nevertheless it’s a superb reminder that anybody with entry to delicate info must be cautious with what they plug into a pc, even with one thing as innocuous as a cable.
Might I exploit it myself?
I didn’t get an opportunity to check the O.MG cable instantly, however judging by the online setup instructions and my expertise with the Rubber Ducky, you don’t have to be an skilled to make use of it.
The cable takes some preliminary setup, like flashing firmware to the gadget, however can then be programmed by way of an internet interface that’s accessible from a browser. You’ll be able to write assault scripts in a modified model of DuckyScript, the identical programming language utilized by the USB Rubber Ducky; once I examined that product, I discovered it straightforward sufficient to become familiar with the language but additionally famous just a few issues that might journey up an inexperienced programmer.
Given the value, this wouldn’t make sense as a primary hacking gadget for most individuals — however with a little bit of time and motivation, somebody with a fundamental technical grounding might discover some ways to place it to work.