A USB Killer is a device that is designed to be portable and sends high-voltage power surges repeatedly into the data lines of the device it is connected to, which will damage hardware components on unprotected devices. The device has been designed to test components for protection from power surges and electrostatic discharge.
The device typically contains several capacitors and charge and discharge circuitry. When the device is connected to a USB port, the capacitors are charged from the USB port's 5 volt supply. When they are fully charged, the device discharges them through step-up circuitry, which delivers a high voltage back into the USB port. Versions of the device have been reported to deliver a pulse of around 200 V. This greatly exceeds the normal voltage the USB host adapter is designed to accept; the intention is that the device will destroy it (and perhaps the southbridge which it often forms part of). In many cases, this will render the computer inoperable.
There are different models of the device, the latest being USB Killer v4. Earlier generations, including USB Killer v2, were developed by a Russian computer researcher with the alias Dark Purple.
A more recent version uses the piezo inverter transformer from a CCFL driver with a simple two transistor resonant Royer oscillator, one shot timer and a spark gap as a lightweight way to generate an 1800V sharp pulse more closely simulating a low power electrostatic discharge for mitigation and circuit testing purposes. The prototype has a countdown timer and ascending bleep warning to reduce the chances of accidental or malicious use.
One author believes that the new cryptographic authentication protocol for USB-C authentication announced by the USB Implementers Forum would help to protect against this device by preventing unauthorized USB connections from being made, although some manufacturers now claim that they can bypass this protocol. Some developers of the device believe that an optocoupler can protect against the device, but from later testing even applying a short risetime high voltage pulse to the case can damage some sensitive systems.
In April 2019, a student at College of Saint Rose in Albany, New York pleaded guilty to destroying 66 computers in his college using a USB killer. He also destroyed seven computer monitors and computer-enhanced podiums. He was sentenced to 12 months in prison, followed by a year of supervised release. He was ordered to pay $58,471 in restitution.
- Armasu, Lucian (2017-08-12). "'USB Killer 2.0' Shows That Most USB-Enabled Devices Are Vulnerable To Power Surge Attacks". Tom's Hardware.
- "USB Killer: A device that can destroy a PC in seconds". Deccan Chronicle. 2017-08-12.
- Bolton, Doug (2017-08-12). "Russian computer researcher creates a USB killer thumb drive that will fry your computer in seconds". The Independent.
- "The USB Killer, Version 2.0". Hackaday. 10 October 2015.
- "The Etherkiller". Retrieved 3 October 2018.
It all started one day with this guy, the original Etherkiller, developed with a few misc parts to warn new users that the IT department is not to be messed with. You too can make one at home, connect the transmit pins of the RJ-45 to HOT on 110VAC and the receive pins to Common.
- Tomas C (27 June 2018). "This $3 DIY USB Device Will Kill Your Computer". Hacker Noon. Retrieved 2 October 2018.
- Buis, Juan (9 November 2016). "This terrifying homemade USB killer will instantly kill your computer". The Next Web.
- Anthony, Sebastian. "USB Killer now lets you fry most Lightning and USB-C devices for $55". Ars Technica.
- "Indian Student in US Sentenced to 1-Year in Prison for Damaging University Computers". NDTV India. 14 August 2019. Retrieved 16 April 2019.