USB cable steals passwords and data remotely and transmits wirelessly

A security researcher has developed a Type-C USB cable that does everything the user expects, plus more: send files quickly, connect devices, charge the cell phone, and finally steal passwords and user data.

Developed by an expert called MG, the spy device is a penetration tool capable of acting as a physical keylogger, stealing everything keyboard on any connected device and sending the data miles away.

publicity

The cable, dubbed “OMG Cable”, was in the prototype stage in 2019, and began to be marketed by the cybersecurity company Hak5. At the time, the product was aimed only at Apple users, performing the same functions on a Lightning cable. Now MG has created a variation of the connector.

“There were people who said that Type-C cables were protected from this type of implant because there was not enough space. So clearly I had to prove them wrong,” says the hacker.

two USB cables rolled up next to each other under a rug, only one of which steals passwords
Fake USB cable is virtually indistinguishable from the original version. (Image: Digital Gaze Montage via Motherboard)

USB cables create network hotspot and reach over 1 km

OMG Cables work by creating a network hotspot, half the size of the connector, that the hacker can connect to from their own device. Once connected, the attacker opens a browser screen and steals what’s keyboard while the USB cable is plugged in: words, phrases, logins and passwords.

Additionally, the cables have geo-blocking feature, where the attacker can prevent access to stolen data based on distance. MG claims he tested the cables in Oakland, California, and was able to capture information remotely over a mile away.

Via VICE

Read more:

Have watched our new videos on YouTube? Subscribe to our channel!