View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
November 11, 2015

5 USB computer killers

List: Some of the ways the humble USB stick can be exploited.

By Charlotte Henry

USB sticks seem like simple, safe, versatile, devices for conveniently moving documents around. Their versatility is their biggest weakness though, and in the wrong hands a humble USB stick can become a highly dangerous source of attack.

CBR looks at the times USBs became a computer killer.

1. Dark Purple

A Russian security researcher called Dark Purple has shown a USB stick that fries any device that it is inserted into, by sending 220 volts through it, in a video posted on YouTube. The video shows that within seconds of the USB stick being inserted the computer goes dead, and cannot be turned again. The same happens for any device with USB capability with which the device is used.

2. Killer USB

A similar principle to the above, Killer USB destroys any machine it is placed into, although it does not appear to be connected to Dark Purple. The team behind Killer USB is though based in Russia, and is trying to raise $10,000 for the project, with each USB costing $99. The idea is to make your data unreadable in case of attack.

3. BadUSB

One of the most famous USB hacks, unveiled at Black Hat in 2014. BadUSB reporgrammes USB controller chips, exploiting the versatility of USB to turn it into something altogether more dangerous – for example, a keyboard typing keys to trigger attacks. While the original researcher, Karsten Nohl declined to publish the code, two others, Adam Caudill and Brandon Wilson did, releasing the attack into the wild. Caudill and Wilson soon after released a partial, and complicated, fix.

4. Two way infection

Another trick Caudill and Wilson pulled off was a hack that could have, in theory, spread an epidemic of malware via USB devices. They invisibly injected malware into files as they are copied from a USB device to a computer. A second invisible USB function in the malware would mean infections would be spread to any device plugged into the USB port. The potential of this attack was so devastating that Caudhill and Wilson did not release the code.

5. Win32/USB Stealer

Researchers wrote about this in 2014, it again has its origins in Russia. This attack allows breaches of air-gapped machines with sensitive data via removal devices by connecting the infected removable device in both web connected and air gapped machine, to collected interesting files.

Content from our partners
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business
When it comes to AI, remember not every problem is a nail



Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.