Security researchers and other techies are always on the look out for security flaws and vulnerabilities that help to point out where people could fall victim to scams. Recently, an unnamed ‘ethical hacker’ from Verizon Media highlighted how hackers could gain control of your device with a simple piece of hardware we all use every day.
Going by the Twitter name ‘@MG‘, he was able to access a locked device, which could pave the way for cyber-criminals to inject malicious software onto an iPhone. This was achieved by simply modifying a legitimate Apple USB Lightning cable to contain a minute Wi-Fi chip. Because of the size of this component, the cable appeared no different to an ordinary, unmodified Apple cable.
However, once plugged into a victim’s device, the cable allows the controlling hacker to connect to the person’s phone. What’s more, the chip can be embedded with scripts that can be executed on command. This could include things such as sending phishing website pages directly to the victim’s phone that are designed to steal personal information.
The hacker showcased his research at the annual Def Con conference in Las Vegas, an annual hacking convention. He explained how he had invested thousands of dollars into the project, spending numerous hours working on the cable itself. He hopes that this will highlight the dangers of using charging cables that don’t belong to you.
‘It looks like a legitimate cable and works just like one. Not even your computer will notice a difference. Until I, as an attacker, wirelessly take control of the cable (…) it’s like being able to sit at the keyboard and mouse of the victim but without actually being there.’Twitter user @_MG_
He also highlighted how although people generally know not to connect an unknown flash USB drive to their computer, people are less wary of charging cables despite risks like these. Indeed, third-party, public USB cable charging hotspots are becoming more and more commonplace in places like airports, coffee shops, and even buses and trains.
Here at WiseGuys, we recommend being careful using any kind of public convenience like Wi-Fi hotspots or public charging ports. It’s better to be safe and either fully charge your device before leaving the house, or to take a portable power bank with you. For more security tips and advice, get in touch with WiseGuys on 0808 123 2820.