There are two types of bad USBs out there. One lets you trick the computer into thinking it's a keyboard or other USB device, and the other goes straight over malicious into computer killing territory.
Last year, Russian security researcher Dark Purple designed a USB stick that uses high voltage to fry a computer system, or at least, the USB port. Now a Hong-Kong-based company has turned that concept into an actual $50 product that anyone can buy, dubbed the USB Killer.
When plugged into a device, the USB Killer rapidly charges its capacitors from the USB power lines. When the device is charged, -200VDC is discharged over the data lines of the host device. This charge/discharge cycle is repeated many times per second, until the USB Killer is removed.
The company states that pretty much any computer or device with a USB port is at risk of a power surge attack, including photo booths, copy machines, gaming consoles... you get the picture. However, they claim that the only systems to defeat its viciousness were newer MacBook models, which isolate the data lines (but we wouldn't recommend testing that claim out). You can see it in action below.
The company is also offering a USB Killer Tester for $14 (though it's half off with the purchase of a USB Killer), which lets you test out the USB Killer without damaging a computer or USB port. This shield can help make sure the USB Killer is still functional, and can even help test out your own portable DIY kill drives.
This USB shield can also protect against "juice jacking," where hackers can steal data from your smartphone when connected to a computer or random power station.
While a computer may not literally catch on fire, it'll be relatively useless after a power surge attack. The company does not condone malicious activity, but it's likely an evil prankster or two will create a path of destruction that will seriously hurt people's wallets.
Want to start making money as a white hat hacker? Jump-start your hacking career with our 2020 Premium Ethical Hacking Certification Training Bundle from the new Null Byte Shop and get over 60 hours of training from cybersecurity professionals.
Other worthwhile deals to check out: