We’ve all been there: in the car on your way to work when you phone dies, in the airport waiting to board when you realize you have less than 20 percent power left, or at home or work when your phone’s cable that runs to the charger finally frays too much to where you can’t use it. You need a cable in that immediate moment, so you beg, borrow, or steal a charger so get you up and running again.
But if you’re an iPhone user and in need of a Lighting cable, borrowing one has just become incredibly dangerous if you’re plugging it into a computer. A rogue Lightning cable is being mass-produced that looks and works just like a regular Lightning cable except that it can secretly hack the computer it’s plugged into on the other end.
O.MG Lightning Cable
Apple made the switch to the Lightning cable in 2012. It’s used to charge iPhones, iPads, and iPod Touches. Nearly every Apple mobile device produced in the past seven years uses Lightning.
If you’re in need of one, either borrowing or buying, stay away from the O.MG Cable. This was created by a hacker. If a computer is on the other end of the Lightning cable, the O.MG Cable can allow someone to remotely take over your computer.
This cable was created by a security researcher known as “MG” who introduced it at the DefCon hacking conference last summer. It contained a built-in wireless hotspot to allow hackers to run commands on a Mac or Windows PC that it’s plugged into.
After MG demoed the cable at the conference, he told a reporter, “It’s like being able to sit at the keyboard and mouse of the victim but without actually being there.” Hackers can either be within Wi-Fi range or tap into the connection over the Internet.
While MG was making each O.MG Cable by hand initially, he’s now discovered a way to mass-produce it, which will put thousands of them into the hands of nefarious individuals.
It’s listed on the Hak5 hacking website that allows hackers to sign up to be notified when it’s available for purchase.
The site explains, “The O.MG Cable allows new payloads to be created, saved, and transmitted entirely remotely. The cable is built with Red Teams in mind with features like additional boot payloads, no USB enumeration until payload execution, and the ability to forensically erase the firmware which caused the cable to fall entirely back to an innocuous state.”
Keeping Your Computer Safe
Of course, the first way to protect your computer from the O.MG Cable is to not plug any Lightning cable at all into it and to use wall chargers for your phone instead. But if a hacker can figure out how to remotely connect to your computer with a rogue cable, can they do the same to your iPhone or iPad?
The other way to keep your computer safe is surely one to produce groans. If you’re not going to use the original Lightning cable your iPhone or iPad shipped with, then make sure the third-party cable you choose says “Made for iPhone/iPad/iPod” (referred to as MFi for short). These are certified by Apple as being safe to use. Yes, it keeps you under the company’s thumb, but it also keeps you safe.
As I say this, I have a third-party cable plugged into my iPad Pro. And I don’t know whether it’s MFi or not. It’s a rare Apple mobile without Lightning, using USB-C instead, and I wanted a regular USB at the other end to use my existing power banks so bought this cable. Luckily, it’s an Amazon product, so it’s probably still safe, depending on your opinion of Amazon.
Do you use third-party Lightning cables? Does this worry you? Leave your thoughts in the comments below.