On Aug. 10 we wrote about the top 10 brands that were targeted for phishing during the early months of the pandemic response. A week later we wrote about a cybersecurity flaw built into Amazon’s Alexa smart speakers that could potentially let nefarious individuals listen in on your most private moments. Two weeks ago we talked about the latest instances of COVID-19 contact tracing scams, followed up by a lengthy explanation on why it may be a good idea to blur out your home on Google Street View.
The long and short of it all? Don’t trust anybody. Not even your mom — she probably spends too much time on Facebook, if we’re being honest.
Reason No. 18,062 to not trust anybody? Fake iPhone cables that could potentially ruin your life. Let us explain.
A tech developer out of the Bay Area has designed a counterfeit cable that’s capable of enabling outside users with access to your phone or computer. The kicker? It looks identical to the official Apple lightning cable you’ve come to know and love (or absolutely hate) for the better part of the last decade. The other kicker? Dubbed the O.MG Cable, you can buy one right now for just $119.99 (and sorry, Android users, the cable also comes in different varieties: USB-A to USB-C, and USB-A to USB Micro).
“It looks like the real thing. It feels like the real thing, down to the millimeter,” the company states on the product page. “It is packed with a web server, 802.11 radio, and way more memory and processing power than the type of cable you would want for just doing demos.
“That's because the O.MG Cable is built for covert field-use by Red Teams, with features that enhance remote execution, stealth, forensics evasion, all while being able to quickly and dynamically change your tooling with minimal effort.”
If you’re unfamiliar with the whole Red Team vs. Blue Team dynamic in cybersecurity, here’s a quick rundown: red teams are offensive cyber professionals who specialize in attacking and breaking into defenses, while blue teams are those that defend against such planned cyber attacks. Both are considered the “good guys,” enabling companies to be as prepared as possible for any attack that might come their way.
But just because the product was designed for the good guys doesn’t mean they’ll be the only ones with access. Bad guys, after all, also have money.
The cable does all the things you’d expect it to do at first glance: charges your phone and transfers data. But it also contains a wireless hotspot that can allow a hacker to remotely access your information, like your passwords, from about 300 feet away.
But are you likely to be the victim of an attack? At $119.99 per cable, probably not. But considering the cable debuted at $200 in 2019 and then saw a 40% drop in the span of just a year, we may not be too far off from relatively inexpensive cables that can provide users with a lot more value than the cost of the item.
The likelihood of being on the wrong end of a counterfeit charging cable obviously goes up depending on your profession (i.e. those who work in government, intelligence agencies, law enforcement, or even frequently travel).
Either way, it doesn’t hurt to be aware of your surroundings. Here are some things you can do to avoid getting got.
Stick with the trusted brands
This is a tough one for a lot of us. While many of us have already transitioned exclusively into the world of wireless charging, charging pads still leave a lot to be desired. Between slower charging times, coil-alignment issues, and not being able to simultaneously charge and use your phone at the same time, loads of people still prefer cables.
But cables, particularly those from Apple, can be relatively expensive and fragile. That may motivate some people to jump at the opportunity for a less expensive option of what appears to be the real thing. But unless those options are coming directly from Apple, Best Buy, or another trusted retailer, probably don’t fork over your money.
Don’t leave your electronic devices unattended
We shouldn’t have to explain this one.
Don’t trust cables offered by strangers
You’re probably not frequenting airports, coffee shops, or libraries quite as often as you used to, but those days will be back soon enough. That said, make sure you pack your own cables when the world returns to its more normal state.
There are few worse feelings than traveling without modern-day necessities: snacks, your mobile device, a power bank, hand sanitizer, and a charging cable. Only one of those items falls into the category of things you may ask to borrow from a stranger, and it sure ain’t snacks.
In a world of malicious cables and conniving individuals, it’s best to probably let your device die before borrowing one from a stranger.
In other news…
In light of Apple’s decision to allow iOS 14 users to set third-party apps as the default option for email and web browser, Facebook is now asking Apple to do the same for messaging. As if a) people should trust Facebook, and b) iPhone users would ever betray iMessage.
Amazon unveiled numerous Ring security products at a recent hardware event, including a drone security camera that flies around the inside of your home. In other words, a product virtually nobody ever asked for.
Amazon launched a new feature that will allow Alexa to immediately delete your voice recordings after they’ve been processed through the software.
DHS admitted that more than 184,000 images from a facial recognition program were hacked, with as many as 19 found on the dark web last year.