post DEFCON update: BBC took a look at this during DEFCON, work is still in progress https://www.bbc.co.uk/news/technology-45139397
Original post:
This is a work in progress, but I am putting it out there with limited info in hopes that a few people would like to partner up. I have a PoC of the hardware mostly ready, but at least one decent payload needs to be made. Currently, Brannon Dorsey is playing around with the early stages of one possible payload. If you’d like to help make some payloads, I will be at DEFCON and would love to chat.
For everyone else: Full details will come later. I have no idea if this will be something you can get your hands on without building it yourself. But I do see potential for a batch to be produced in a way that doesn’t get the maker immediately sued by <brand of power brick>. I will try to make that happen.
Video demo below. It’s a USB C charger. This is not an HID attack, the mouse clicks you see in the video were my hands manually clicking around. The attack in this specific demo is happening at the network level, but that isn’t the only way this can work.
Demo of a work in progress. I’m looking for help with writing payloads. Come chat with me at @defcon if you’d like to collaborate.
Power adapter. Silent infection. Cross platform. Not just Apple hardware.
Project page with info: https://t.co/b62N5cWVSG
1/n pic.twitter.com/pxwrb9o9HU— MG (@_MG_) August 3, 2018