The USB Killer exploits a vulnerability manufacturers haven’t bothered fixing.
Whatever you do, don’t mistake this USB stick for the one holding your Powerpoint.
When plugged into any device, The USB Killer, released earlier this summer, rapidly draws power from the hardware, then returns that power in an overloading burst. According to the makers, this “instantly and permanently disables unprotected hardware.” Potential targets include not just PCs, but TVs, copy machines—anything with a USB port.
The device, marketed as a testing tool for administrators looking to protect their systems, sells for 49.95 Euros, or around $56 dollars. Demand has apparently been high, with the manufacturers reporting backorders.
Despite the obvious nefarious potential for the tool, its public release at least appears well-intentioned. The USB Killer was developed by a security hardware team based in Hong Kong, who first publicized the vulnerability it targets over a year ago, and developed an early prototype.
But the team was deeply frustrated to see manufacturers take little action on closing the vulnerability. According to the team, Apple is to date the only manufacturer that protects their devices against this so-called USB surge attack.