Security Researcher Develops Lightning Cable With Hidden Chip to Steal Passwords - MacRumors
Skip to Content

Security Researcher Develops Lightning Cable With Hidden Chip to Steal Passwords

by

A normal-looking Lightning cable that can used to steal data like passwords and send it to a hacker has been developed, Vice reports.

omg lightning cable comparisonThe "OMG Cable" compared to Apple's Lightning to USB cable.

The "OMG Cable" works exactly like a normal Lightning to USB cable and can log keystrokes from connected Mac keyboards, iPads, and iPhones, and then send this data to a bad actor who could be over a mile away. They work by creating a Wi-Fi hotspot that a hacker can connect to, and using a simple web app they can record keystrokes.

The cables also include geofencing features that allow users to trigger or block the device's payloads based on its location, preventing the leakage of payloads or keystrokes from other devices being collected. Other features include the ability to change keyboard mappings and the ability to forge the identity of USB devices.

The cables contain a small implanted chip and are physically the same size as authentic cables, making it extremely difficult to identify a malicious cable. The implant itself apparently takes up around half of the length of a USB-C connector's plastic shell, allowing the cable to continue to operate as normal.

omg lightning cable x rayAn x-ray view of the implanted chip inside the USB-C end of an OMG Cable.

The cables, made as part of a series of penetration testing tools by the security researcher known as "MG," have now entered mass production to be sold by the cybersecurity vendor Hak5. The cables are available in a number of versions, including Lightning to USB-C, and can visually mimic cables from a range of accessory manufacturers, making them a noteworthy threat to device security.

Tag: Lightning

Popular Stories

Apple Logo Spotlight Blue

Apple Unveiled These Five New Apps Last Week

Saturday June 20, 2026 8:00 am PDT by
Apple last week unveiled five new apps, with four announced at WWDC 2026 alongside its upcoming fall software updates, one released in beta for developers, and one released independently by its subsidiary Claris. Siri AI App One of the biggest announcements of WWDC 2026 was Siri AI, a ground-up rebuild of Apple's voice assistant that for the first time comes with a dedicated standalone...
Read Full Article43 comments
Apple Event Logo

Apple to Release These 20 New Products Across Rest of 2026 and 2027

Sunday June 21, 2026 7:42 am PDT by
Apple's annual WWDC developers conference is in the rearview mirror, but there is still a lot to look forward to over the next year and beyond. In his Power On newsletter today, Bloomberg's Mark Gurman listed around 20 products that he expects Apple to release across the remainder of 2026 and 2027. Now that the more intelligent and personal version of Siri has finally arrived in beta, a...
Read Full Article68 comments
Aston Martin CarPlay Ultra Screen

Apple Says CarPlay Ultra is Coming to These Vehicle Brands

Thursday May 21, 2026 11:53 am PDT by
Last year, Apple launched CarPlay Ultra, the long-awaited next-generation version of its CarPlay software system for vehicles. Nearly a year later, CarPlay Ultra is still limited to Aston Martin's latest luxury vehicles, but that should change fairly soon. In May 2025, Apple said many other vehicle brands planned to offer CarPlay Ultra, including Hyundai, Kia, and Genesis. CarPlay Ultra...
Read Full Article

Top Rated Comments

zorinlynx Avatar
zorinlynx
63 months ago
>and then send this data to a bad actor who could be over a mile away. They work by creating a Wi-Fi

"a mile away"

"Wi-Fi"

These hackers need to work for Asus, Ubiquity, Linksys, etc. and improve WiFi range!
Score: 59 Votes (Like | Disagree)
C
coachgq
63 months ago
guess I should pay the $20 to apple instead of the $7 to an ebay seller to keep my info safe? Danggit that sucks!
Score: 32 Votes (Like | Disagree)
E
ersan191
63 months ago
"who could be over a mile away"

Damn the WiFi in my house barely reaches my garage, maybe I need one of these cables.
Score: 28 Votes (Like | Disagree)
A
abbeybound
63 months ago
I'm going to call BS on this. A powerful compute module with memory, wifi with somehow a one mile range, and location services for geofencing, all in half a USB-C connector?
Score: 28 Votes (Like | Disagree)
B
bearda
63 months ago
So there's a lot of scaremongering and assumptions being thrown around here. For the key logging function you have to be using the cable to hook up between a keyboard and a device so the traffic can be sniffed. Wireless keyboard aren't affected. Onscreen keyboards aren't affected. iOS devices lock the USB port by default (the phone "unlock your phone to use the connected device" prompt you get when connecting to a car, etc) so it's not like this is going to allow an attacker any additional access to a locked phone.

Don't connect your device to random cables and you'll be fine.
Score: 20 Votes (Like | Disagree)
Maclver Avatar
Maclver
63 months ago

So who will they sell to?
No one.... They will probably sit in the airport and plug them into the charging stations
Score: 15 Votes (Like | Disagree)
Read All Comments