Be careful whose charger you borrow: Phone charging cables can hack your devices, experts say

For most people, borrowing a cable from someone else to charge your phone may seem as commonplace as asking for the time. But that ordinary-looking charging cable could actually contain malware intent on stealing your passwords and other sensitive information.

“Being careful about what you plug into your devices is just good tech hygiene,” Charles Henderson, Global Managing Partner and Head of X-Force Red at IBM Security, told Forbes.

Henderson runs a team of hackers tasked with breaking into computer systems of major companies in order to expose vulnerabilities.

He told Forbes, “If you were on a trip and realized you forgot to pack underwear, you wouldn't ask all your co-travelers if you could borrow their underwear. You'd go to a store and buy new underwear.”

FILE - A lightning cable for powering Apple iPhones and iPads.

FILE - A lightning cable for powering Apple iPhones and iPads. (Photo by Jaap Arriens/NurPhoto via Getty Images)

While you might think the technology required to modify a charging cable would be expensive, it’s not, and once you’re exposed, it’s fairly easy for the hacker to get a hold of your information.

A hacker that goes by “MG” was selling an iPhone lightning cable called the “O.MG Cable” for $200 that can take control of any Mac computer, remotely gaining access to passwords and sensitive information.

According to his website, once the cable is plugged into a computer or phone, it can be controlled through a wireless network that is built inside the cable. “MG” adds that as soon as he is able to gain access to the information he needs, he can kill any traces of evidence that it existed on your device at all.

While this all may seem concerning to the average consumer, Henderson told Forbes that threatening charging cables aren’t necessarily a widespread threat just yet, mainly because “this kind of attack doesn't scale real well, so if you saw it, it would be a very targeted attack.”

“Just because we haven't yet seen a widespread attack doesn't mean we won't see it, because it certainly does work,” Henderson told Forbes.

News