At the DEF CON conference, a new version of the O.MG malicious cable, called O.MG Elite, was demonstrated. At a glance, such cable does not differ from a regular Lightning or USB-C cable, but in reality, it is a dangerous variation on the Rubber Ducky theme.
We also wrote that The Researcher Showed How to Get Root Access to Agricultural Machinery John Deere.Let me remind you that the first version of the O.MG cable appeared back in 2019, and it was invented by the well-known information security specialist and engineer Michael Grover, also known by the nickname MG. Such cable looks very similarly to the usual one, and it can be connected to a machine running Linux, Mac or Windows. But in reality, O.MG is not at all so simple and is defined by the system as a HID (Human Interface Device), that is, a USB device for interacting with a person (usually a keyboard, mouse, game controller, and so on).
Since MG even added support for wireless connections to its development, as a result, by connecting the O.MG cable to the target machine, the attacker was able to execute any commands via Wi-Fi, as if he were simply typing them on the keyboard of the target computer.
Interestingly, unlike other MG projects (which were repeatedly demonstrated on its Twitter attacks through man-made malicious USB cables and even the failure of special protective adapters that should protect against attacks via USB), the O.MG cable was not only shown on the Internet and was sold to a few specialists at DEF CON, but it entered a series production thanks to Grover’s collaboration with Hak5.
This year, the expert pleased fans of hacker hardware with a novelty: but at the DEF CON conference, he presented an early version of the updated O.MG cable, which received the Elite prefix.
O.MG Elite “Stuffing”
The grower claims that one such cable can replace $20,000 worth of equipment. In particular, advanced network functions distinguish it from its predecessor O.MG Elite: now the cable can support two-way communication with its operator.
O.MG Elite is capable of attacking and reading data that is transmitted over a cable, for example, between iPhone and Mac, or any other combination of devices (Lightning to USB-A, Lightning to USB-C, C to C and microUSB).
The novelty also boasts expanded payload storage, and O.MG cable operators can now control multiple malicious devices at once through a single control server.
The updated O.MG Elite, currently in early access, starts at $179.99. In fact, the hardware is already completely ready, and now the developers are offering everyone to test new software features while MG and his colleagues finish development. However, buyers can use the latest stable firmware, in which there are simply no new features (and potential bugs). The O.MG Elite is scheduled to be finalized by 2023.
