Grover created a working example of a USB cable with an integrated WiFi controller that can communicate with a nearby smartphone. The cable passes itself as a "Human Interface Device", which gives its access to certain system resources right away:
The victims may think they are using a generic USB cable, but the PC will recognize the cable as a Human Interface Device, much like it would a mouse or keyboard, giving the attacker just enough permissions to wreak havoc inside the system.Once the cable is plugged in, an attacker can remotely take over the PC via various exploits delivered through the cable. This sort of attack works against Windows, Linux, and iOS devices. Interesting stuff.
As you may already know, a mouse or keyboard can be used as soon as it's plugged into a PC, even if the system is locked with a password or biometric, which means these peripherals can bypass the operating system’s protection features and gain access to some system resources right away.