T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360
A pseudonymous security researcher says they’re already mass producing the cables.
Plug and Play
Next time you buy a USB cord — or take a free one from a kiosk at an event — you’ll want to make sure it doesn’t spy on every single thing you type.
A cable that can do just that is now available, thanks to a pseudonymous cybersecurity researcher who goes by MG. MG told Motherboard that the so-called OMG cable looks just like any other, except for a tiny computer that can automatically record every single keystroke you take while it’s plugged in and transmit them to a hacker.
“There were people who said that Type C cables were safe from this type of implant because there isn’t enough space. So, clearly, I had to prove that wrong. :),” MG told Motherboard.
MG has already started to mass-produce the OMG cable and sell it through the hacking community shop Hak5 — ostensibly for security research purposes rather than anything willfully malicious. As the product listing describes, the cable contains a web server, radio, and tiny processors all hidden within the wire itself.
In a test run, Motherboard reporter Joseph Cox used the OMG cable — specifically a USB-C to Lightning cable — to connect his keyboard to his Mac computer. A demo video shows a phone running the cable’s interface capturing every word that he typed.
MG told Motherboard that a hacker can run the interface from any web browser after connecting to the cable’s WiFi hotspot — a process that seems alarmingly straightforward for how much information it could expose. Needless to say, Apple, which developed lightning cables, ignored Motherboard‘s request for comment.
READ MORE: This Seemingly Normal Lightning Cable Will Leak Everything You Type [Motherboard]
More on hackers: Electric Vehicle Chargers Are Shockingly Vulnerable To Hacking