The next time you charge your iPhone at a public location, be careful. A charging cable that looks almost like the real thing and costs just $200, can be used to hack your device. In a demonstration at DefCon 27, a hacker who goes simply by "MG," showcased that he could easily infect a third-party iPhone cable using a tiny Wi-Fi enabled implant. It provides a hacker remote access and control of the PC that it is connected to.
MG modified a third-party USB charging cable for the Apple iPhone and was able to execute the operation.
MG told TechCrunch: "This specific Lightning cable allows for cross-platform attack payloads, and the implant I have created is easily adapted to other USB cable types. Apple just happens to be the most difficult to implant, so it was a good proof of capabilities."
While generally, hacks are conducted using software and apps that infect the operating system, now hardware is also not a safe option.
"Suddenly we now have victim-deployed hardware that may not be noticed for much longer periods of time. This changes how you think about defense tactics. We have seen that the NSA has had similar capabilities for over a decade, but it isn't really in most people's threat models because it isn't seen as common enough," MG further added.
He stated that not just using random flash drives, but even cables could put your device at risk.
So how do users ensure the safety of their devices? One should not accept chargers from strangers and also carefully have a look at the charging cable before plugging their device. It will also help if one only buys chargers from official stores or well-known sellers rather than going for cheap bargains available on shopping websites such as Amazon. Carrying the original cable when venturing out is also a good suggestion.