The Russian cybersecurity expert, Dark Purple, who created the devious USB Killer pen drive, has created a new version of the malicious hardware that can brick a device as soon as it is plugged in.
In a new blog post (link in Russian), the somewhat anonymous Dark Purple described his device, simply titled USB Killer v2.0. It doesn’t install any malware on your computer once you plug it in. Instead it sends a 220-volt charge through the USB’s signal lines and destroys the computer.
The original USB Killer, first revealed online back in March, administered 110 volts, which was more than enough to fry your computer anyway.
USB Killer looks quite inconspicuous, too, and could be easily mistaken for an average USB drive.
Dark Purple posted a short video demonstrating the USB in action, where he destroys the motherboard of a Lenovo Thinkpad X60 laptop, which he bought specifically for the test, in just a couple of seconds.
“[It] is extremely unlikely that the hard disk was damaged and the information on it,” he says, so he will probably be able to retrieve the data. However it still serves as a good reminder to not go around plugging random USB drives you find into your computer.
Getting someone to plug in a corrupt USB drive is a common way of infecting or destroying an air-gapped computer. You just need to get it plugged in somehow. As The Hacker News points out, this was the method used to spread the infamous Stuxnet virus to Iranian nuclear centrifuges.
In a sense, an attack like USB killer is ultimately less damaging, since it’s not used to collect data or infiltrate a network. Reducing the attack is more difficult, too, because specific physical hardware is required. That means this deadly USB stick is unlikely to cause widespread havoc — but that won’t be much consolation if you do indeed fall victim to it.
