Lightning cables used for charging Apple devices have become very common over the past decade. Most consumers can distinguish this cable from others simply by giving it a quick glance. However, not all lightning cables are the same. Some of them, while they might look legitimate, will effectively allow criminals to gain remote access to one’s computer.
The Nefarious Lightning Cables
It is not entirely uncommon to deal with fraudulent charging cables. Android users know this all too well, as most micro-USB charging cables from off brands are either terrible at charging or simply do not work for the device intended. Apple users, on the other hand, have far fewer problems to contend with in this regard. The lightning cables are often genuine – albeit expensive -and most people tend to avoid fake brands for rather obvious reasons.
What is rather remarkable is how criminals could be shifting their attention to these lightning cables in question. By using this particular piece of hardware, hackers can effectively gain remote access to a victim’s computer. Once this backdoor access is obtained, culprits can cause all kinds of havoc on a computer. What kind of purpose the hackers are exploring with these cables, remains unclear at this time.
Even though the lightning cables work as intended, there appears to be a hidden component to take note of. The host computer won’t notice the difference, as connected devices will be recognized and even begin charging if needed. Because of the extra hardware found within these fake cables, hackers can use it to access a specific IP address and access the computer remotely.
Another interesting feature of these cables – which were demonstrated during the recent Defcon event – is how they come with multiple scripts and commands for attackers to run on a target machine. Although most of these commands will not necessarily cause permanent damage, it is evident that anyone with scripting knowledge can take advantage of their existence and make modifications accordingly. When one has access to a computer – on the same level as the user who is logged in – there is no telling what could happen.
Although these cables will not be found in the wild anytime soon, their existence does raise a lot of interesting questions. It wouldn’t necessarily be all that difficult to replicate this piece of hardware and its malicious payload. The bigger question is whether criminals want to explore this option, as it doesn’t necessarily seem to be a worthwhile venture to explore. The cables currently cost $200, which make them incredibly expensive to obtain and simply hand out and hope for the best.
It wouldn’t be impossible to see a similar device show up for non-Apple devices in the future. Lightning cables are the most difficult ones to modify. Given how common mini-USB and micro-USB cables are in this day and age, it seems far more likely malicious variants of those will make the rounds sooner or later. That in itself is not something to look forward to, as those cables could do a lot of damage in the process.