Author Topic: This will kill anything instantly!  (Read 7536 times)

0 Members and 1 Guest are viewing this topic.

Offline axeroTopic starter

  • Regular Contributor
  • *
  • Posts: 108
This will kill anything instantly!
« on: March 13, 2017, 04:51:12 pm »
This thing has been vexing me quite a bit:

https://arstechnica.com/gadgets/2016/12/usb-killer-fries-devices/

In short, it is a miniature stun-gun that they have managed to pack into a USB-stick where the voltage is supplied from the USB port. The high voltage (~200V) is then fed back into the USB-port which kills almost any device instantly.

There are a lot of Youtubers that have fried different devices with this generating millions of views. This is something that concerns a lot of Admin-staff; if kids get their hands on such a device, we are likely to see entire high-school computer rooms being destroyed.


So my suggestion would be to make a video that examines what kind of damage such a gadget does cause, to how big an extent, and what parts get fried. How to repair. Moreover, this video could discuss how one could protect the USB ports of a stationary computer as well as portable units. And also discuss how one can prove or show that it is highly likely that a device has been damaged by a USB-killer.
 

Offline Bicurico

  • Super Contributor
  • ***
  • Posts: 1707
  • Country: pt
    • VMA's Satellite Blog
Re: This will kill anything instantly!
« Reply #1 on: March 13, 2017, 05:01:43 pm »
There are USB locks available in the market, that will prevent physical access to USB ports.

One example is this https://www.kensington.com/us/sg/4531/k67719us/usb-port-lock-with-rectangular-cable-guard

But there is another one, I can't rember now, which is relatively cheap, as the USB lock is basically a plastic part that fits inside the port and to extract it you need a special key.

I assume that the USB Killer device (which is not new - they just released the latest model for USB-3.0) wil AT LEAST kill the USB controller on the mainboard. That alone sucks - a PC without working USB controllers cannot be used due to lack of input periferals like keyboard and mouse.

Of course you could make these devices illegal, but then, if one wants to kill a USB port, he/she can simply connect a straight 220V cable to said ports. Hell, you could destroy the computer with a sledgehammer!

The REAL risk in my opinion is people spreading out these killer dongles for innocent people to pick them up thinking they are USB disks! So the real thing to do is to explain people they should NEVER stick an unknown USB device to their computer. NEVER!

Regards,
Vitor

Offline axeroTopic starter

  • Regular Contributor
  • *
  • Posts: 108
Re: This will kill anything instantly!
« Reply #2 on: March 14, 2017, 01:29:58 pm »
On some machines they use optocouplers or magnetocouplers for the USB. If the device is a "semi-old" Samsung phone and it is protected, then the repair is not worse than replacing the USB-charger module which is an easy thing to do.

I really hope the manufacturers get flooded with phones with fried USB ports. I really want to give LG a good kick in the butt! The way they have designed the USB-charger circuit is unacceptable!

Don't know about stationary computers but it shouldn't be that big deal to put replaceable overcurrent/voltage protection modules behind the surface mounted USB ports and a filter adapter behind chassis ports.

Well it sucks to put USB-locks on every port and that hinders people from inserting memory sticks. Then of course one could leave one open with an optocoupler adapter behind it if there are such things available on the market.

I think that having a protection circuit that limits the damage to the port itself would kill the fun with a USB-killer. The port would be destroyed but the device would still continue to work normally.
« Last Edit: March 14, 2017, 01:34:26 pm by axero »
 

Offline gnif

  • Administrator
  • *****
  • Posts: 1672
  • Country: au
Re: This will kill anything instantly!
« Reply #3 on: March 24, 2017, 08:16:20 am »
Many PCs have eSATA these days, and some of them are powered, a device that did the same on this port could prove catastrophic for the machine.
 

Offline metrologist

  • Super Contributor
  • ***
  • Posts: 2199
  • Country: 00
Re: This will kill anything instantly!
« Reply #4 on: March 31, 2017, 10:52:01 pm »
It might be smart for learning institutions to just eliminate the USB ports for other reasons too. Everything is on the cloud now anyway.
 

Offline metrologist

  • Super Contributor
  • ***
  • Posts: 2199
  • Country: 00
Re: This will kill anything instantly!
« Reply #5 on: March 31, 2017, 11:16:47 pm »
It might be smart for learning institutions to just eliminate the USB ports for other reasons too. Everything is on the cloud now anyway.

A Cadence Virtuoso simulation folder (Analog Design Environment temp files) can easily be over 1GB, how to carry that over Internet?
Forget about running it again and carrying schematics and libraries only, the simulation can run for ages, and libraries carry NDA covered information, so we never transfer them out of workstations.

I thought we were talking about kids in an environment where they would damage the computer equipment. Do you see these USB zappers as a concern for what you are describing?

If that is never transferred out of the workstation, then why would you need a USB port? I'm thinking an environment where you just have terminal access, and nothing about meeting NDA is problematic there.
 

Offline Ian.M

  • Super Contributor
  • ***
  • Posts: 12807
Re: This will kill anything instantly!
« Reply #6 on: March 31, 2017, 11:33:45 pm »
ONE front panel USB port wired up via a relay and a USB optoisolator.  Relay controlled via an application that logs the user name, date and time.  Logging out disconnects the port.  If someone blows the port, worst case it only takes out the USB optoisolator, and you can add a circuit to detect the excess voltage on +D and/or -D and log the event so the culpret can be billed for the damage.   If you supply isolated 5V and appropriate bias resistors on +D,-D before the relay closes, you could detect USB killers without damage.   

However its probably easier to lock all the ports and provide supervised access to a SD card reader.  I doubt J Random Cracker can fit a killer into a SD card form factor - that would take some serious engineering and cost big $$$$.

 

Offline Brumby

  • Supporter
  • ****
  • Posts: 12288
  • Country: au
Re: This will kill anything instantly!
« Reply #7 on: April 01, 2017, 02:20:13 am »
However its probably easier to lock all the ports and provide supervised access to a SD card reader.  I doubt J Random Cracker can fit a killer into a SD card form factor - that would take some serious engineering and cost big $$$$.

I like that - but I would take it a step further... Make it only accessible with micro SD cards.
 

Offline Brumby

  • Supporter
  • ****
  • Posts: 12288
  • Country: au
Re: This will kill anything instantly!
« Reply #8 on: April 01, 2017, 02:33:47 am »
True.

But it would effectively stop innocents sticking a time bomb (that they found laying around) into a computer.
 

Offline Ian.M

  • Super Contributor
  • ***
  • Posts: 12807
Re: This will kill anything instantly!
« Reply #9 on: April 01, 2017, 04:22:00 am »
You also have to defend against idiots with superglue, epoxy putty, or flash powder and a pyro ignitor.   If the supervision of the access is tight enough, you'll catch most of the idiocy. 

Also, what about designing a tray loading SD card reader?  If its not the right form factor for SD card, it simply wont go in.  Add a guillotine blade to the mechanism to defeat attempts to use a flatflex breakout and a magnetically triggered latch that prevents insertion of cards with a significant amount of ferrite or other magnetic materials in them, and a set of contacts that short out cards containing charged capacitors before they reach the real reader contacts, and it should be reasonably killer-proof. 


 

Offline Prime

  • Regular Contributor
  • *
  • Posts: 67
  • Country: au
Re: This will kill anything instantly!
« Reply #10 on: April 02, 2017, 07:01:14 pm »
You could just build a USB isolator and put one in each machine.

There are chips to do this very thing?  :-//
 

Offline Ian.M

  • Super Contributor
  • ***
  • Posts: 12807
Re: This will kill anything instantly!
« Reply #11 on: April 02, 2017, 07:10:02 pm »
That's a partial solution, but the $9.99 USB isolators typically have crappy DC-DC converters which are incompatible with larger (higher current) memory sticks, and they all limit the maximum USB speed to 12Mbps 'FULL' speed, so you have to go up in cost quite a bit to get something that works reliably, then you have the cost of replacing blown USB isolators.  Even with in-house on-site technicians its still going to be hard to keep it under $100 per incident, and as the average lUser's reaction to a 'found' stick that doesn't work will probably be to try it in another PC, you'll probably get several incidents from the same killer.

What's needed is a USB killer killer . . . . .
« Last Edit: April 02, 2017, 07:12:23 pm by Ian.M »
 

Offline janoc

  • Super Contributor
  • ***
  • Posts: 3781
  • Country: de
Re: This will kill anything instantly!
« Reply #12 on: April 02, 2017, 07:21:06 pm »
True.

But it would effectively stop innocents sticking a time bomb (that they found laying around) into a computer.

Right. Except instead of that they stick in a software "bomb" in the form of a virus/ransomware infested SD card or USB stick.

What is the difference? The zapper at least manifests itself in a fairly obvious manner right away, so whoever decides to vandalize a computer in the lab is going to be quickly caught. Most university labs that I have been to require some sort of access control - students have a keycard or there is at least someone on duty keeping an eye on the lab. Often both. So the set of potential suspects is fairly small. Also university students are usually not this stupid to entertain themselves in this way because they know they would likely get expelled and, very likely, prosecuted.

A ransomware infected stick is a way worse problem, IMO - that could put the entire lab (or even school if they are sufficiently clueless) out of commission and good luck catching the culprit, because the infection takes some time to take effect. And nobody is up in arms about this.

Let's not try to engineer a BS solution for a non-problem, OK? E.g. those optoisolators are next to useless for mass storage devices, because they usually support only USB 1.1. Nobody wants to wait for hours to copy the homework. Network access can be also fairly limited - many places run restrictive firewalls and various censorware (often mandated by law for public institutions), so accessing even something like Google Drive or Dropbox can be a challenge. I am also not sure I would want to log into my personal account from a public computer anyway.

So this kind of technical "solution" that ruins the USB ports for everyone for the off chance that some moron decides "to have fun" is probably worse than the problem it is trying to address.

« Last Edit: April 02, 2017, 07:28:02 pm by janoc »
 

Offline janoc

  • Super Contributor
  • ***
  • Posts: 3781
  • Country: de
Re: This will kill anything instantly!
« Reply #13 on: April 02, 2017, 07:33:51 pm »
What's needed is a USB killer killer . . . . .

No, what is needed is user education and making a public example out of every idiot that blows the machine up with a "found" stick - I somehow don't think a $50 sabotage device will be thrown in the parking lot just like that by some kiddies. It is a bit expensive for that.

That public example would have them pay for the repair of the machine as well. Rest assured that after the first one or two such cases people will find other ways to "have fun" and will leave the USB ports alone.
« Last Edit: April 02, 2017, 07:39:16 pm by janoc »
 

Offline onesixright

  • Frequent Contributor
  • **
  • Posts: 624
  • Country: nl
Re: This will kill anything instantly!
« Reply #14 on: April 04, 2017, 07:40:38 pm »
I think the Homeland did a test, dropping dozens of USB sticks around on parking areas and business building. I would not recommend inserting any USB device, when you don't know where it comes from. USB 2.0 is seriously compromised. And we have not a true clue whats in all those SOC's ..... :-X

https://www.techworm.net/2014/10/badusb-malware-code-on-github.html

Quote
Similarly, the U.S. Department of Homeland Security ran a test to see how hard it would be for hackers to gain access to computer systems. Staffers secretly dropped USB flash drives in the parking lots of government buildings and private contractors. Of those who picked them up, 60% plugged the drives into office computers, apparently curious to see their content. If the drive had an official logo, 90% were installed.
source: http://www.cioinsight.com/security/the-dangers-of-unsecured-usb-drives
 

Offline janoc

  • Super Contributor
  • ***
  • Posts: 3781
  • Country: de
Re: This will kill anything instantly!
« Reply #15 on: April 04, 2017, 09:22:48 pm »
Ah not this "USB is compromised" and BadUSB BS again :(

You are more likely to be hit by a lightning or meteorite than get compromised by a BadUSB reprogrammed USB stick. That is not an attack vector that is really suitable for anything except a very targeted attack because it takes a significant effort to boobytrap the hardware - and then there are likely easier methods available than hacking the controller's firmware in someone's USB stick or keyboard. For example preloading some malware on a normal USB stick and tossing it in the parking lot. It will achieve the same with much less effort.

USB is not "compromised" - it was not meant to have any security in the first place. If you have a physical access to the machine, you can do whatever you want with it already and USB is the least of your problems. Such as install a hw keylogger. Or a rootkit - which could be even done remotely once you have access to the network, thanks to the Intel's Management Engine. Or simply walk away with it (or at least the harddrive).

The rest about the infected USB sticks in the parking lot - yes, people are dumb and will do that.  But that is a different problem. A USB stick can be had for a buck today. The "USB Killer" is a little too expensive for that and useless for anything else but vandalism anyway, destroying maybe one or two office machines before discovered.
« Last Edit: April 04, 2017, 09:40:11 pm by janoc »
 

Offline josecamoessilva

  • Regular Contributor
  • *
  • Posts: 64
  • Country: us
Re: This will kill anything instantly!
« Reply #16 on: May 03, 2017, 04:44:31 am »
I'm curious about the thought process of the innocent victims...

"Hey, an unknown USB thing. Let's stick it into this expensive machine where I store important personal information and financial data to see what happens."

It's the hardware version of "wow, if I click on this link I get to see pictures of Giselle Bündchen naked; how nice of this unknown person on the internet with a .ru address to have sent me those."

I guess the food equivalent is finding a plate of brownies on a table in a parking garage and eating one. The walking alone at night equivalent is to accept a ride from the complete stranger with a windowless van.

 :palm:
 

Offline janoc

  • Super Contributor
  • ***
  • Posts: 3781
  • Country: de
Re: This will kill anything instantly!
« Reply #17 on: May 03, 2017, 08:56:25 am »
I'm curious about the thought process of the innocent victims...


Oh don't underestimate human stupidity ...

Back in the day when I was doing sysadmin duties, people were getting mails with attachments containing Windows viruses/worms every day. Once the antivirus software caught up with it, the viruses changed to zipped attachments and then even zip file with a password. And we still had people with doctorates in computer science (!!!) that actually went as far as to download that zip file to their harddrive, put the password in and try to open/execute the file inside, despite countless warnings about this.

At one point we were cleaning a major infection like this at least once per week. One clueless colleague has lost his thesis manuscript like this. ("Backups? What backups? I thought *you* were backing everything up for us!" - he kept everything on the local harddrive of his PC, so nothing got ever backed up)  :palm:

 

Offline CJay

  • Super Contributor
  • ***
  • Posts: 4136
  • Country: gb
Re: This will kill anything instantly!
« Reply #18 on: May 03, 2017, 11:32:13 am »
Had it this very morning, a user who clicked on multiple links in an email from a colleague that 'didn't look quite right'.

They managed to infect their machine and seem to have managed to download malware that the enterprise AV solution can't identify.

Once I told them the remedy, they offered me their encryption passphrase, username and password.

I don't think it's fair to call it stupidity as the person in question is very intelligent (their job is highly skilled and by all accounts they do it very well) but they still fell for what may have been a phishing/spearphishing email or just a generic ransomware infection...

I wouldn't repeat what I said about them the moment they'd left my office though.

I've no doubt that a large number of users here would not hesitate to plug in a 'found' USB stick, if only in an effort to identify the person that lost it. I'd be much happier if it were a USB killer than any number of pieces of malware.
 

Offline BBBbbb

  • Supporter
  • ****
  • Posts: 289
  • Country: nl
Re: This will kill anything instantly!
« Reply #19 on: May 03, 2017, 12:17:14 pm »

Saw this thing in your post and just had to order 2 of them of ebay.
 

Offline janoc

  • Super Contributor
  • ***
  • Posts: 3781
  • Country: de
Re: This will kill anything instantly!
« Reply #20 on: May 03, 2017, 02:59:35 pm »
I've no doubt that a large number of users here would not hesitate to plug in a 'found' USB stick, if only in an effort to identify the person that lost it. I'd be much happier if it were a USB killer than any number of pieces of malware.

As long as it wasn't one of your sysadmins/techs getting the bright idea to stick it into one of the server machines, blowing the crap out of the motherboard. Seen that too ... Especially in schools/unis.
 


Share me

Digg  Facebook  SlashDot  Delicious  Technorati  Twitter  Google  Yahoo
Smf