How Charging Your iPhone Could Let Hackers Access Your Bank Account
The superficial task of charging your iPhone could lead to some serious privacy problems, like having your passwords stolen and bank account hacked by cyber criminals.
This is all because of a discovery that certain low-grade charging cables were designed to gain access to your computer once you connect your iPhone to it.
What’s worse is that it was meticulously designed to look identical to that of the Apple Lightning cables, making it seem like nothing fishy is happening deep down.
This product, developed by a hacker known as MG, was showcased to the public during the Def Con Cybersecurity Convention in Las Vegas held last week.
The product was called OMG cable and was made from an original Apple Lighting cable and was fitted with a small Wi-Fi-enabled implant. “It looks like a legitimate cable and works just like one,” as announced by the developer MG at the said conference.
OMG! 2 months + 8 devs + O•MG Cable = malicious wireless implant update!
This update brought to you by the chaos workshop elves: @d3d0c3d, @pry0cc, @clevernyyyy, @JoelSernaMoreno, @evanbooth, @noncetonic, @cnlohr, @RoganDawes
More info: https://t.co/kkhUppsqiC#OMGCable pic.twitter.com/fIzOaKJSxL
— _MG_ (@_MG_) April 12, 2019
“Not even your computer will notice a difference – until I, as an attacker, wirelessly take control of the cable. Once the product is plugged into the computer, a hacker using a nearby Wi-Fi network can wirelessly transmit malicious payloads on the computer. From here the hacker could remotely lock the victim’s computer to collect their username and password when they log back on.
MG also demonstrated remotely accessing phishing sites on the user’s screen using the cable itself. These phishing sites were fake websites created to collect personal details of the victims.
“It’s like being able to sit at the keyboard and mouse of the victim but without actually being there,” he said.
The hacker said it took him up to 300 hours and close to $A6000 to develop the risky cable. While it was an Apple item that served as the base of the product, MG claimed it can be created from any USB cable.
Besides all this, MG still plans to recreate the cable from scratch and make money out of it online as a “legitimate security tool.”
Apple recommends only using accessories certified by the company for the best protection.
“An Apple Lightning to USB cable has ‘Designed by Apple in California’ and either ‘Assembled in China’, ‘Assembled in Vietnam’, or ‘Indústria Brasileira’ on the cable about seven inches from the USB connector.,” it’s website explains. “You’ll see a 12-digit serial number at the end of this text.”
While it’s still advisable to use authentic Apple products for your iPhones, it is still worth noting that it has been reported that an authentic iPhone cable was used for the hack, as what was showcased in the convention, which still makes it vulnerable for sneaky cyber attacks.