Fake iPhone charger warning: Hacked cable lets cyber crooks hijack your computer

A fake iPhone charger has been developed that could allow cyber crooks to hijack victims' computers.

The charger, created by security researcher Mike Grover, looks like a genuine Apple Lightning cable, commonly used to charge iPhones and sync them to iTunes.

However, when it is plugged into a computer and connected to WiFi, it gives the hacker full control over the system, allowing them to carry out commands remotely.

Grover revealed the cable, dubbed O.MG, at last week's DefCon cybersecurity convention in Las Vegas, highlighting what he says has been an under-investigated area of mobile security.

SEE ALSO :Apple pushes recycling of iPhone with ‘Daisy’ robot

"It looks like a legitimate cable and works just like one. Not even your computer will notice a difference. Until I, as an attacker, wirelessly take control of the cable," he told Motherboard .

Grover says that the cable, which thankfully is only a prototype, could be used to download and launch malware, remove devices from Wi-Fi networks, and even reconfigure systems.

"It’s like being able to sit at the keyboard and mouse of the victim but without actually being there," he said.

For More of This and Other Stories, Grab Your Copy of the Standard Newspaper.  

Grover made the cables by hand, painstakingly modifying real Apple cables to include the "implant" containing the components that allow the computer to be accessed remotely.

He is selling the cables for $200 (£165) each.

SEE ALSO :Apple takes smartphone sales crown from Samsung

The current version requires the attacker to be within 300 feet of the victim, but Grover said a hacker could use a stronger antenna to reach further if necessary.

"The cable can be configured to act as a client to a nearby wireless network. And if that wireless network has an internet connection, the distance basically becomes unlimited," he said.

Apple recently announced that it will pay ethical hackers more than $1 million if they responsibly disclose dangerous security vulnerabilities to the firm.

The new “bug bounty”, up from a previous maximum of $200,000, is designed to discourage security researchers from selling the bug to governments or contractors who intended to use it to hack state enemies, rather than fix it.

Do not miss out on the latest news. Join the Standard Digital Telegram channel HERE.

Get the latest summary of news in your email every morning. Subscribe below

* indicates required
iPhoneCharger cableLas Vegas