I didn’t assume I might be afraid of a USB cable till I went to Def Con. However that’s the place I first discovered in regards to the O.MG Cable. Launched on the infamous hacker convention, the Elite cable wowed me with a mixture of technical prowess and its extraordinarily stealth design.
Put merely, you are able to do a lot of harm with a cable that doesn’t behave the way in which your goal expects.
What is it?
It’s simply an extraordinary, unremarkable USB cable — or that’s what a hacker would need you to assume.
“It’s a cable that appears an identical to the opposite cables you have already got,” explains MG, the cable’s creator. “However inside every cable, I put an implant that’s obtained a internet server, USB communications, and Wi-Fi entry. So it plugs in, powers up, and you’ll hook up with it.”
Meaning this ordinary-looking cable is, in reality, designed to eavesdrop on the info that passes by way of it and ship instructions to no matter cellphone or pc it’s related to. And sure, there’s a Wi-Fi entry level constructed into the cable itself. That characteristic existed within the authentic cable, however the latest model comes with expanded community capabilities that make it able to bidirectional communications over the web — listening for incoming instructions from a management server and sending knowledge from no matter system it’s related to again to the attacker.
What can it do?
Stressing, once more, that this is a completely normal-looking USB cable, its energy and stealth are spectacular.
Firstly, just like the USB Rubber Ducky (which I additionally examined at Def Con), the O.MG cable can carry out keystroke injection assaults, tricking a goal machine into pondering it’s a keyboard after which typing in textual content instructions. That already offers it a enormous vary of potential assault vectors: utilizing the command line, it might launch software program functions, obtain malware, or steal saved Chrome passwords and ship them over the web.
It additionally incorporates a keylogger: if used to attach a keyboard to a host pc, the cable can report each keystroke that passes by way of it and save as much as 650,000 key entries in its onboard storage for retrieval later. Your password? Logged. Checking account particulars? Logged. Unhealthy draft tweets you didn’t need to ship? Additionally logged.
(This might likely require bodily entry to a goal machine, however there are various ways in which an “evil maid assault” will be executed in actual life.)
Lastly, about that inbuilt Wi-Fi. Many “exfiltration” assaults — just like the Chrome password theft talked about above — depend on sending knowledge out over the goal machine’s web connection, which runs the chance of being blocked by antivirus software program or a company community’s configuration guidelines. The onboard community interface skirts round these protections, giving the cable its personal communications channel to ship and obtain knowledge and even a technique to steal knowledge from targets which might be “air gapped,” i.e., fully disconnected from exterior networks.
Mainly, this cable can spill your secrets and techniques with out you ever realizing.
How a lot of a risk is it?
The scary factor in regards to the O.MG cable is that it’s extraordinarily covert. Holding the cable in my hand, there was actually nothing to make me suspicious. If somebody had provided it as a cellphone charger, I wouldn’t have had a second thought. With a selection of connections from Lightning, USB-A, and USB-C, it may be tailored for nearly any goal system together with Home windows, macOS, iPhone, and Android, so it’s appropriate for a lot of totally different environments.
For most individuals, although, the specter of being focused is very low. The Elite model prices $179.99, so this is positively a tool for skilled penetration testing, somewhat than one thing a low-level scammer might afford to go away mendacity round within the hope of snaring a goal. Nonetheless, prices have a tendency to return down over time, particularly with a streamlined manufacturing course of. (“I initially made these in my storage, by hand, and it took me 4 to eight hours per cable,” MG advised me. Years later, a manufacturing unit now handles the meeting.)
Total, likelihood is that you just received’t be hacked with an O.MG cable except there’s one thing that makes you a worthwhile goal. However it’s a good reminder that anybody with entry to delicate info ought to be cautious with what they plug into a pc, even with one thing as innocuous as a cable.
May I exploit it myself?
I didn’t get a probability to check the O.MG cable straight, however judging by the on-line setup directions and my expertise with the Rubber Ducky, you don’t have to be an skilled to make use of it.
The cable takes some preliminary setup, like flashing firmware to the system, however can then be programmed by way of a internet interface that’s accessible from a browser. You may write assault scripts in a modified model of DuckyScript, the identical programming language utilized by the USB Rubber Ducky; after I examined that product, I discovered it straightforward sufficient to familiarize yourself with the language but in addition famous a few issues that might journey up an inexperienced programmer.
Given the value, this wouldn’t make sense as a first hacking gadget for most individuals — however with a little bit of time and motivation, somebody with a primary technical grounding might discover some ways to place it to work.