Want to permanently wreck someone’s computer? Destroy an expensive in-flight entertainment system? Fry the school’s photo-copier? Short out a hotel TV? Or how about melting evidence on your own computer when the police come knocking?
For about $80, you can buy an innocuous looking USB stick that can do all of these things, and basically wreck havoc on any device with an unprotected USB port. Called USBKill 2.0, it is designed to connect to any computer or system with a USB port, draw power from it until it reaches a sufficiently high voltage, then blast a huge charge back into the device, effectively destroying it.
Here’s a more technical description on the USBKill website about how it works:
[blockquote type=”default” style=”2″]The USB Kill collects power from the USB power lines (5V, 1 – 3A) until it reaches ~ -240V, upon which it discharges the stored voltage into the USB data lines. This charge / discharge cycle is very rapid and happens multiple times per second. The process of rapid discharging will continue while the device is plugged in, or the device can no longer discharge – that is, the circuit in the host machine is broken.[/blockquote]
While the actual purpose of the USBKill device is actually for engineers, penetration testers and security auditors who want to test a device’s surge resistance, it’s difficult not to look past the potential for it to be used in malicious ways. (We here at GadgetGuy.com.au certainly don’t condone misuse of this type of product.)
According to USBKill.com, 95 percent of all consumer-level devices are susceptible to the USBKill. This should be a wake-up call for manufacturers to ensure that their products are electrically shielded from power-surge type of attacks via USB ports.
[blockquote type=”default” style=”2″]To this day, according to our testing, the only company that releases hardware protected against a USB power-surge attack is Apple, on their Laptop and Desktop ranges. This means – despite adequate warning, and time to respond – the majority of consumer-level hardware manufacturers choose not to protect their customer’s devices. We are disheartend by this lack of respect for customers.[/blockquote]