You may decide to stop borrowing USB chargers after reading this. When last did you borrow a USB charger from people to charge your phone? Or are you among those of us who just plug in our phone on any available USB port or charger we see?
What if I tell you that you may have been hacked using an OMG cable? We are in an age of technological advancement where everyone should carry their own charging cable around. It is now a risky venture to borrow a USB cable or port from people to charge your mobile device.
It doesn’t matter if you are using an android or an iPhone, once you connect or charge your phone using this malicious OMG cable, then you are hacked over Wi-Fi. This is very simple and the hacker does not have to touch your phone.
Therefore, know it today and share with your friends that not every USB cable is safe. These cables can be used to hack your Facebook, Bank account, and other internet accounts once it gets access to your phone. If you were not scared of USB cables before, this is the right time to be. Remember, the information on this post is for educational purposes and not to be used for malicious purposes.
What is an O.MG Cable?
OMG cable (Offensive MG kit) is a product of the MG (Mischief Gadgets) team. It is a cable that can create a Wi-Fi hotspot connection capable of executing malicious code remotely. The OMG cable hides a backdoor inside the shell of the USB connector with a Wi-Fi microcontroller.
This makes it possible that once this cable is plugged into your computer or phone, you will be a victim of remote attacks over the Wi-Fi. One bad news about this cable is that it is very difficult to differentiate them from the regular USB cables we use to charge our phones. According to how Hak5 described this cable on their website, “every OMG cable is hand-built.
They match the real thing with unbelievable accuracy”. The cable was carefully made to make it difficult to differentiate from normal cables. Keep reading as we will discuss possible ways to detect this malicious cable. Another bad news or rather good news for hackers is that Hak5 has teamed up with MG to allow more people to have access to the cable. This cable can now be bought from the hak5 website at about a hundred and some dollars.
Just imaging your spouse or friend having an OMG cable now and you don’t know and have been lending it to charge your device. OMG attacks are so easy to carry out that they can be done without using a computer. With a click of a button, the hacker can execute a payload on a connected device remotely.
What Happens When You Connect Your Phone to an OMG Cable
The moment you connect your device to an OMG lightning cable to charge, the attacker or the person that set up the cable can then control your phone remotely. The person can do that over the wireless Wi-Fi hotspot network created by the USB cable. Once the connection is established, the hacker can now execute any payload on your phone remotely. What they can now do on your phone depends on the kind of payload code they are executing.
They can decide to install a keylogger on your phone, which will help them steal all the keystrokes you are pressing on your phone. These include your passwords and the website names you visit. The OMG keylogger edition developed to attack detachable keyboards has the capacity of storing up to 650,000 keystrokes.
They can also decide to steal your Wi-Fi passwords or use your phone to perform an action they want. Remember, hackers can control your device with this cable over a 2kilometer distance range.
How Do You Protect Yourself?
The best way to remain safe from malicious or bad USB cables is to use cables from a trusted source, like your phone manufacturer or reliable cable vendors. Detecting these cables by looking at them is not easy. Therefore, avoid borrowing USB chargers from people.
Remember, OMG cable is not the only malicious cable or bad USB out there. We have the USB ninja cables too. Remembers that the USB Ruber Ducky is still there. Therefore, always be mindful of what you borrow and plug on your device.