What Is a USB Killer Attack

  • By Greg Brown
  • Published: May 15, 2023
  • Last Updated: May 16, 2023


From the beginning of the computer revolution, there has been a smorgasbord of devices and peripherals, some DOA and others innovative and groundbreaking. Thumb drives, or USB flash drives, were created in the early 80s, with the first commercially available drive holding 128 MB. Cutting-edge USB drives of today hold 20 terabytes and up.

Unfortunately, cunning hackers consider anything electronic fair game. Thumb drives represent an easy way for attackers to access a network. When the drive is plugged in, a download begins, delivering malware code designed to devastate various computer systems. Unwitting users insert the drive when it arrives in the mail unannounced or appears on their desk. This attack starts the same way as an email phishing assault.

USBKILL V.4 is a USB drive laden with capacitors. The drive is modified to send a 210-220 volt electrical surge to a data line, overpowering any electronic device. Some USBKILL devices can stay unplugged for up to 200 days and still deliver a significant charge. The USB Killer V4 has evolved from a simple plug-in-and-zap device to a dangerous thumb drive with a remote trigger.

What is the Point of USBKill?

USBKill V.4 is used for stress testing hardware. Power is taken from the USB port when the device is plugged in. A single or continuous pulse is then discharged into the data lines. The discharge will disable or fry an unprotected device.

USB stress testing is used by law enforcement, industrial clients, and hardware manufacturers. There are three versions of the industrial USB Killer.

  • Classic is the original USB device with V4 added for stability.
  • A basic edition carries an internal battery and is used for offline attacks.
  • The professional version is wireless, remote, and smartphone-controlled.

Companies manufacturing the device have significant safeguards to keep the USBKILL out of dangerous hands. However, nothing will stand in the way of a hacker who truly wants an industrial-strength USBKILL.

Governments, industrial organizations, and wealthy individuals who control sensitive data might use a USBKILL drive as a kill switch. If a USBKILL is installed on a network or computer system and it comes under attack, owners can remotely trigger the device into action.

How to Use USBKILL V.4?

The PRO version of a USBKILL V.4 device has multiple trigger and delivery modes. The device can send a single pulse with five separate discharges through the USB port, or a continuous pulse that does not stop until told to do so.

Each USBKILL device has one or several trigger modes configured through an Android or iOS app.

  • A remote trigger is a single or continuous attack with a range of 100m.
  • Smartphone triggers are sophisticated attack vectors giving hackers complete control.
  • Time attacks can be scheduled through a smartphone app for up to 200 days or more.
  • Classic triggers are activated as soon as the device is plugged in.

What Is a USB Killer Attack?

Malicious USBKILL devices are designed to obliterate a connected device, not save the data. The USBKILL software is available from GitHub if you want to destroy your computer.

Large, well-organized global hacking groups have used infected USB drives for some time. Drives are purchased for pennies, infected, and sent out to unsuspecting people. The FBI has warned of hackers sending out poisonous USB drives, targeting large corporations, government infrastructure, and more. Hacking groups Qlocker and BlackMatter use USB drives for ransomware operations, extorting millions.

How Hackers Use BadUSB Attacks?

BadUSB attacks exploit inherent flaws in a USB stick’s firmware. The attack rewrites the firmware code and tells it to act as a human interface device. Once overwritten, the USB drive is used as a keyboard with hackers in charge. The thumb drive can be told to run malicious programs in the background.

Karsten Nohl, a German cryptographer, says, “These problems can’t be patched. We’re exploiting the very way that USB is designed.”

The USB microcontroller tells the drive to identify what it is plugged into. Once that information is obtained, the hacker reverse engineers the device to insert the malicious code. Hackers use automated keystrokes in PowerShell commands to gain access and deploy ransomware attacks. 
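A drive that presents itself as a human interface device, as described above, declares that in its USB interface descriptors, which Linux exposes as modalias strings. The following is an added example, not code from the original article: it flags storage devices that also expose a HID interface and HID devices missing from an allowlist. The sample events, vendor/product IDs, and the audit function name are constructed for illustration.

```python
import re
from collections import defaultdict

# Linux publishes one modalias string per USB interface (udev events, sysfs):
# usb:v<vid>p<pid>d<bcd>dc..dsc..dp..ic<class>isc<subclass>ip<protocol>in<num>
MODALIAS = re.compile(
    r"usb:v(?P<vid>[0-9A-F]{4})p(?P<pid>[0-9A-F]{4})d[0-9A-F]{4}"
    r"dc[0-9A-F]{2}dsc[0-9A-F]{2}dp[0-9A-F]{2}"
    r"ic(?P<ic>[0-9A-F]{2})isc(?P<isc>[0-9A-F]{2})ip(?P<ip>[0-9A-F]{2})in[0-9A-F]{2}"
)
HID_CLASS = "03"                     # human interface device
MASS_STORAGE_CLASS = "08"            # flash drives, disks
BOOT_KEYBOARD = ("03", "01", "01")   # HID class, boot subclass, keyboard protocol

def audit(events, known_hid):
    """events: iterable of (port, modalias); returns {port: [findings]}."""
    by_port = defaultdict(list)
    for port, alias in events:
        m = MODALIAS.fullmatch(alias.strip())
        if m:
            by_port[port].append(m)
    findings = {}
    for port, ifaces in by_port.items():
        ident = (ifaces[0]["vid"], ifaces[0]["pid"])
        classes = {i["ic"] for i in ifaces}
        is_kbd = any((i["ic"], i["isc"], i["ip"]) == BOOT_KEYBOARD for i in ifaces)
        notes = []
        if HID_CLASS in classes and MASS_STORAGE_CLASS in classes:
            notes.append("mass storage device also exposes a HID interface")
        if HID_CLASS in classes and ident not in known_hid:
            kind = "keyboard" if is_kbd else "HID"
            notes.append(f"{kind} interface from a device not on the allowlist")
        if notes:
            findings[port] = notes
    return findings

# Constructed sample events (port, modalias); all IDs are made up.
SAMPLE = [
    ("1-1", "usb:v1111p0001d0100dc00dsc00dp00ic03isc01ip01in00"),  # desk keyboard
    ("1-2", "usb:v2222p0002d0100dc00dsc00dp00ic08isc06ip50in00"),  # plain flash drive
    ("1-3", "usb:v3333p0003d0100dc00dsc00dp00ic08isc06ip50in00"),  # "flash drive" ...
    ("1-3", "usb:v3333p0003d0100dc00dsc00dp00ic03isc01ip01in01"),  # ... plus keyboard
    ("1-4", "usb:v4444p0004d0100dc00dsc00dp00ic03isc01ip01in00"),  # unknown keyboard
]
KNOWN_HID = {("1111", "0001")}

if __name__ == "__main__":
    for port, notes in audit(SAMPLE, KNOWN_HID).items():
        print(port, "->", "; ".join(notes))
```

Vendor and product IDs are reported by the device itself, so the allowlist works as a tripwire rather than as authentication. None of this applies to a USB Killer, which does its damage electrically before any descriptor is read.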

The FBI has again warned public companies that dangerous USB sticks branded LilyGo have been mailed out to defense, industrial, and insurance industries. Drives were configured to register as a keyboard. 

Several attack tools are downloaded with the LilyGo USB device. The tools include the BlackMatter ransomware strain and the REvil ransomware-as-a-service mechanism. BlackMatter is the rebrand of the DarkSide ransomware gang.

DarkSide lays claim to the ransomware attack on the Colonial Pipeline, one of the largest in the US. No concrete details are available on the attack vector, with most speculating it was an unpatched system vulnerability. The attack began with either a phishing email or probably a USBKILL V.4 device.

Building an effective yet crude USB Kill device is simple, needing only a FET (field-effect transistor), high-voltage caps, a DC/DC converter, and a USB connector. This type of USB drive is designed only to destroy a computer and nothing else.

USB Killer drives can be disguised as air ionizers or fans and can easily fool unwitting users. The power of a USB Kill device is in its simplicity and ability to inflict massive damage. As stated earlier, the device is not malware or sophisticated equipment, just a USB drive that delivers a sudden high-voltage charge to the USB port.

How to Protect Yourself from USB Killer Attack?


Combating a USBKILL device takes low-tech solutions. Group policies, software protection, and end-point management procedures do not work. Anyone with a workable USBKill drive can plug it into a port and destroy a computer. 

The easiest way is to cap the USB drive, the only physical means to stop the device. The inconvenient truth is that capping all the drives prohibits the normal and legitimate use of a thumb drive. Another infinitely unpopular way to deter a person from inserting the device is to disable all USB ports.

This is a warning: never, ever insert an unknown USB thumb drive into your computer!
