Hak5 O.MG Malicious Cable Detector found something

[RevGAM]

Hi! Black Friday afforded me many great deals, amongst them this item. Curiosity has revealed to me a cable that seems to be malicious. It's USB A to C. Should such a cable have anything other than wiring in it? When I plugged it in, the light flickered on and off (not bright, maybe 1-3x/second), and nothing was plugged in to the other end. I also tested another USB A to C cable, and the cable for my webcam, neither of which caused this.

The A side of course had a larger junction cover, but it was very tightly mounted and I couldn't remove it so I used my rotary tool to cut through the plastic. Underneath was soft rubber, which I removed with a knife, but nothing other than wires were there.

The C side had a small cover over the junction between plug and cable, and that cover was loose enough that it came off by itself months ago. Hidden under the rubber on that side was a tiny PCB. Now, I have no idea what that PCB is for, nor do I recall which device it came with, sadly.

So, is this one legit and needs a PCB to work, making the other one a much slower, fake USB A to C, or is the other one legit and this one is malicious?

[Blue4130]

14 minutes ago, RevGAM said:

Hi! Black Friday afforded me many great deals, amongst them this item. Curiosity has revealed to me a cable that seems to be malicious. It's USB A to C. Should such a cable have anything other than wiring in it? When I plugged it in, the light flickered on and off (not bright, maybe 1-3x/second), and nothing was plugged in to the other end. I also tested another USB A to C cable, and the cable for my webcam, neither of which caused this.

 

The A side of course had a larger junction cover, but it was very tightly mounted and I couldn't remove it so I used my rotary tool to cut through the plastic. Underneath was soft rubber, which I removed with a knife, but nothing other than wires were there.

 

The C side had a small cover over the junction between plug and cable, and that cover was loose enough that it came off by itself months ago. Hidden under the rubber on that side was a tiny PCB. Now, I have no idea what that PCB is for, nor do I recall which device it came with, sadly.

So, is this one legit and needs a PCB to work, making the other one a much slower, fake USB A to C, or is the other one legit and this one is malicious?

The only thing on the pcb is a resistor. You killed a decently fine cable.

[da na]

Seems like a false positive. Cables can be built in numerous ways, with or without PCBs, but one thing's for sure: There's no silicon logic on that PCB. It is incapable of installing malware on its own.

[seon123]

20 minutes ago, RevGAM said:

Should such a cable have anything other than wiring in it?

What gave you the impression that a USB cable is just a bunch of wires? On higher end charging cables you'll always find an e-marker chip, as high wattage USB PD requires an electronically marked EPR cable. 

 

E.g. this one has a 48 MHz Cortex-M0 CPU, 32 KB flash memory and 4 KB SRAM. 

Spoiler

 

https://www.chargerlab.com/diy-teardown-of-thunderbolt-4-240w-usb-c-cable/

 

[RevGAM]

24 minutes ago, seon123 said:

What gave you the impression that a USB cable is just a bunch of wires? On higher end charging cables you'll always find an e-marker chip, as high wattage USB PD requires an electronically marked EPR cable. 

 

E.g. this one has a 48 MHz Cortex-M0 CPU, 32 KB flash memory and 4 KB SRAM. 

  Reveal hidden contents

 

https://www.chargerlab.com/diy-teardown-of-thunderbolt-4-240w-usb-c-cable/

 

Well, I only recently (i.e. the past month) became aware of PCBs in cables because of an LTT video. Cables haven't exactly been on my radar - I'm not THAT much of a geek! Also, when I did a couple of searches about PCBs in USB cables, I found nothing. After I opened it up is when I found IMAGES showing a PCB.  Thus, I have to ask when Google fails me...or my search terms do.

 

48 minutes ago, Blue4130 said:

The only thing on the pcb is a resistor. You killed a decently fine cable.

47 minutes ago, da na said:

Seems like a false positive. Cables can be built in numerous ways, with or without PCBs, but one thing's for sure: There's no silicon logic on that PCB. It is incapable of installing malware on its own.

Sigh, I didn't kill the cable - it still works. I'll just tape it up with electrician's tape.

And what of the OTHER A to C cable that did NOT get "detected"? Can such a cable work at expected speeds without a PCB?

[Blue4130]

2 minutes ago, RevGAM said:

And what of the OTHER A to C cable that did NOT get "detected"? Can such a cable work at expected speeds without a PCB?

Yes. That type C cable only has the pcb because the pins are too small and fragile to wire to directly. The PCB gives the maker something with more support to solder to.  Type A cables use significantly larger pins and wires that can support themselves.

[GuiltySpark_]

A lot can go on in good cables. 

 

https://www.zmescience.com/science/news-science/x-rays-usb-c-cables/

[RevGAM]

32 minutes ago, GuiltySpark_ said:

A lot can go on in good cables. 

 

https://www.zmescience.com/science/news-science/x-rays-usb-c-cables/

That reminds me - I saw the video where they were scanning those cables. It was really much more interesting than still photos!