It sounds like the premise for a bad horror movie, but itâ€™s not. The USB Kill Drive can reportedly fry an entire laptop or PC utilizing some kind of â€œworse-than-ransomwareâ€ nightmare program. Itâ€™s also known colloquially as a â€œkill stick,â€ and there are verified reports of this malicious USB drive being able to kill any PC or device itâ€™s plugged into in a matter of seconds. Killing the innards, that is, not literally melting it down. ZDNet is even reporting that you can buy a USB PC killer â€œfor just a few bucksâ€ (actually, more like $50). Nice. And who is selling this computer-destroying USB drive, you might ask? Well, apparently a Hong Kong company named USBKILL.com developed it, announcing their new product in an August 16 press release on their website.
So, why on Earth would anyone outside of the most malicious hacker stoop to create something like this? Well, it appears the aforementioned maker of the device created it to demonstrate how hopelessly vulnerable â€œpublic facing USB port[s]â€ are to malicious attacks â€“ such as the one they created, ironically. They name copy machines and even airline entertainment systems in their report on this apparently universal security flaw. They also cite electrical attacks as being a possible culprit, along with the hacker and his â€œkill stick,â€ or, presumably, a similarly-developed device.
To quote from the USBKILL.com press release:
â€œHardwareÂ designers/testersÂ of publicÂ machines: photo booths, copyÂ machines, airline entertainmentÂ systems,Â ticket terminals, etc.Â ÂÂ with exposed USBÂ portsÂ should ensure that their systemsÂ resistÂ electricalÂ attacksÂ via the USBÂ port. Likewise, hardware designersÂ of private machines:Â cellphones,Â laptops, televisions, portable devicesÂ Â should protect their devices againstÂ maliciousÂ attacks.
PenetrationÂ TestersÂ andÂ securityÂ auditorsÂ should include the USBÂ kill 2.0 to their arsenal of testingÂ tools.â€
The USB kill devices are currently selling for 49,95 â‚¬, or around Â£42.00, or $56.00 on the USBKILL website. But, one must wonder, are they comprehensively tracing the sales of these things, like weapons? They are offering it as part of a kit called USB Killer Protection Shield, which allows for the testing of USB vulnerability to occur on the device without the actual results of destroying a PCâ€™s innards taking place.
Interestingly, the only hardware to date that has resisted the USB Kill 2.0 device has been the new-generation MacBooks, which â€œoptically isolate the data lines on the USB ports,â€ according to the USBKILL press release. Is all of this just an advertisement for MacBooks? Will it end up giving malicious hackers the bad idea that the USBKILL people were attempting to prevent in the first place? Hopefully, the sale of these kill drives will only make it into the hands of well-meaning and responsible IT diagnosticians, and not those of evil hackers.