Apple has always discouraged the use of third-party accessories, especially those that have not been certified for its devices. Its argument has always been on the safety of devices, especially lightning cables that charge iPhones and carry data to and from the mobile device. Now it might have yet another reason to discourage such accessories as a hacker just proved how relatively easy it is to modify a Lightning cable to turn it into a tool for remotely hacking Macs.
It looks like a genuine Apple Lightning cable and even comes in the same packaging as one. For all intents and purposes, it is a regular Lightning cable that could deceive even trained eyes. But at DEFCON, the security researcher only known as _MG_ on Twitter demonstrated how nefarious these cables can be.
These Lightning cables actually contained an implant that basically gave wireless access to a Mac. Like any other Lightning cable, users will often agree to give an accessory access to their computers, not knowing it isn’t what it seems. A hacker like MG could simply whip out their iPhone and connect to the implant’s IP address to do all sorts of things like starting Terminal and running other commands.
What makes this kind of attack more worrying is in how easy it is to make them. Make no mistake, there was painstaking work involved in disguising the Lightning cables. They can, however, all be made in a normal household and by the dozens. _MG_ was selling them for $200 each.
He is, however, presenting it as a legit security tool but who knows if it won’t end up in some less conscientious person’s hands. It’s also only the beginning. MG only started with Lightning cables because they were the hardest to modify and spoof. Having succeeded that, everything else might be a piece of cake.