Do you remember the killer USB?
In March I presented the proof-of-concept computer-frying Killer USB pendrive designed by the Russian researcher with the pseudonym “Dark Purple.”
Dark Purple works for a company that develops and manufactures electronic components, the researchers together with his colleagues decided to create a USB flash drive which a specific purpose, it “would burn half a laptop down.”
The researchers used a small board with a DC/DC converter, a few caps, and a FET. When the USB Killer was plugged into a PC, the converter would charge the caps up to -110V, dump that voltage into the USB signal wires, and repeat the entire process until the computer or the port die.
Now the same researcher has presented USB killer v2.0 that could be used once again burn a PC or at least kill its USB port.
“Finally we managed to organize the installation and testing of prototypes of a new version of the device. Devices that perform only one function – the destruction of computers. But let’s not limited to computers, the device is able to incapacitate almost any equipment equipped with USB Host interface.” states Dark Purple in a blog post.
Respect the first version of the USB Killer, this second version has been definitely improved, in fact, it dumps -220V directly onto the USB signal wires. Amazing!
“The main feature of the new version of the device is increased twice, “output” voltage, it is now 220 (strictly speaking, minus 220). Also in the new version the efforts were aimed at making the device even more compact, as in the first version had slightly modifying the body, so that everything fits” continues Dark Purple.
Dark Purple explained that he has destroyed his Thinkpad X60 by testing the USB killer 2.0, he also provided a video PoC of the hack.
Dark Purpl confirmed that the laptop was new and he has bought it to test the USB Killer 2.0.
As explained in my previous post, Killer USB is not a new concept, weaponized devices could be used to cause malfunction in target systems or to disable defensive systems. USB represents a valid weapon to compromise the system in air-gapped networks.
Let’s think to the Stuxnet case, or the Fanny implant belonging to the arsenal of the Equation Group APT.
Enjoy the video 😉
(Security Affairs – Killer USB 2.0, Hacking)