A USB cable with built in operating system and wifi for exploiting computers
A tiny circuit board containing an ESP32-S3 hides inside a USB-C plug on each cable, and can carry out a keystroke injection attack. The cableâs firmware is open-source, and has an impressive set of features: a payload syntax checker, payload autocompletion, OS detection, and the ability to impersonate the USB device of your choice. \ The cable provides a control interface over WiFi, and itâs possible to edit and deploy live payloads without physical access to the cable (this is where the syntax checker should be particularly useful). The firmware also provides a remote shell for computers without a network connection; the cable opens a shell on the target computer which routes commands and responses through the cableâs WiFi connection (demonstrated in the video below). \ The main advantage of the Evil Crow Cable Wind is its price: only about $25, at which point you can afford to lose a few during deployment. Weâve previously seen a malicious cable once before. Of course, these attacks arenât limited to cables and USB drives; weâve seen them in USB-C docks, in a gaming mouse, and the fear of them in fans.
https://hackaday.com/2025/06/16/an-open-source-justification-for-usb-cable-paranoia/
