According to the company, the main purpose of developing the product was to allow companies to test if their devices are vulnerable to USB power surge attacks. So, how does it work? Once the USB Kill stick is plugged in, it quickly charges its capacitors from the USB power supply, and then ejects all in a matter of seconds. The makers of the device say it will “instantly and permanently disable unprotected hardware” on equipment that are not protected. For instance, a device such as an airline entertainment system or a copy machine can be used and exploited, not just by a hacker or malicious actor, but also electrical attacks, if it has an exposed USB port. “Any public facing USB port should be considered an attack vector,” says the company. “In data security, these ports are often locked down to prevent exfiltration of data, or infiltration of malware, but are very often unprotected against electrical attack.” Launched on August 16, the USB Kill 2.0 is already out of stock in its company’s store. The USB Kill comes at a cost price of €49.95 (about $56), along with a Test Shield, which allows users to test their devices without destroying their hardware, at an additional cost of €13.95 (about $16). Removing this protection shield weaponizes the device, which will then be able to destroy the devices it’s being plugged into. The company says on its websites that it “strongly condems [sic] malicious use of its products.” According to the company, 95 percent of all devices that are available on the market today are vulnerable to power surges introduced via the USB port, based on its own set of tests. However, not every device is susceptible to a USB Kill 2.0 attack. The device maker said that Apple “voluntarily” protected its recent MacBook models, which optically seperate the data lines on the USB ports.
Source: ZDNet
