Hackers waste Xbox One, PS4, MacBook, Pixel, with USB zapper

Hackers are destroying everything from the latest gaming systems, phones, and even cars with a dangerous circuit-frying USB device that could put critical systems at risk. The -220V USBKill device developed last year and since refined is an inconspicuous USB stick that can ruin devices in seconds by delivering continuous power …

  1. JeffyPoooh
    Pint

    Based on related experience...

    The USB power outlet (the associated power supply) on the aircraft would be specifically designed to avoid passing on any such nonsense to the aircraft power bus.

    1. wolfetone Silver badge
      Holmes

      Re: Based on related experience...

      You would hope so. But rules in regards to aerospace are usually put in place from "tombstone" regulations.

      Basically someone has to use this USB device killer on the plane, and the plane needs to crash and people need to die before the aircraft companies and the FAA sit up and demand this be stopped. Otherwise you're paying money to prevent something that might never happen from happening.

      That's what Air Crash Investigation taught me anyway.

    2. Anonymous Coward

      Re: Based on related experience...

      Totally with you on that one, you must be at the top of your game....presumably heading up tech for say Airbus or Boeing with special focus on security and safety.

      That'll be why a researcher was banned from a plane after accessing flight control systems from the in-flight entertainment system.

      You can't just blindly assume that because it's tech someone has thought about it...just look at Tesla and their issues...they have been a tech company stepping into car manufacturing as opposed to Boeing and Airbus who are aviation companies who have tried to embrace tech.

      1. Anonymous Coward

        Re: Based on related experience...

        That'll be why a researcher was banned from a plane after accessing flight control systems from the in-flight entertainment system.

        I think you will find that 'exploit' is an urban myth since the two systems are not interconnected in any way.

        1. Tom Paine

          Re: Based on related experience...

          That'll be why a researcher was banned from a plane after accessing flight control systems from the in-flight entertainment system.

          I think you will find that 'exploit' is an urban myth since the two systems are not interconnected in any way.

          I think you'll find it's a little more complicated than that. (Read the whole article.) http://www.zdnet.com/article/a-practical-history-of-plane-hacking-beyond-the-hype-and-hysteria/

          1. Lee D Silver badge

            Re: Based on related experience...

            And I think you need to read the article again.

            It's EXTREMELY well-worded and selective in its quotes but at no point has anyone said that you can touch, interfere, modify or access the critical systems at all. Sure, you can take out the in-flight movie and maybe get "admin" access to it. But you still can't modify the autopilot or anything else.

            And to do so, required a special filing from Boeing which was subject to scrutiny of a kind approaching "Sure, but only if it's impossible to interfere with the flight systems" at which point it was abandoned.

            It's extreme hyperbole, but it still boils down to "Roberts and other researchers have demonstrated methods for hacking into onboard computer networks used to operate in-flight entertainment systems." The biggest risk there is that you might miss out on seeing Snakes On A Plane.

            1. Down not across

              Re: Based on related experience...

              The biggest risk there is that you might miss out on seeing Snakes On A Plane.

              You say that like it is a bad thing.

        2. Anonymous Coward

          Re: Based on related experience...

          I think you'll find there is an approved device that connects the two.

      2. imanidiot Silver badge

        Re: Based on related experience...

        @AC, I was just going to say: [Citation needed]

  2. GrapeBunch

    Great.

    Even longer lineups at airports, the plods will be testing all USB-looking devices. I hope the testing equipment doesn't wreck proper USB devices. Though probably it will take copies of the files therein. For everyone's protection, of course.

  3. TReko
    Flame

    Not just data lines

    >Gatford says the attacks are possible when vendors take engineering design shortcuts and do not optically isolate the data lines on USB ports.

    putting -220V on the 5V USB lines will also be unhealthy

    1. frank ly

      Re: Not just data lines

      I wouldn't call it an 'engineering design shortcut' since the design and the product were never intended or expected to deal with a lunatic putting 220V onto the USB lines. Maybe expectations and specifications will be modified from now on. Does anyone think that a 5kV isolation requirement is overkill?

      1. Anonymous Coward

        Re: Not just data lines

        I'm not an electronics person, but negative 220 would push the power source back onto itself in full correct? In the USA you could use a -110 right? When I hear negative voltage I think op amp, that's the extent of my knowledge :-/

      2. W4YBO

        Re: Not just data lines

        Humans begin to perceive "static electricity" shocks >2500 volts. Optoisolators are available for pennies in manufacturing quantities, and provide protection from outside threats like static. Think of optoisolators as electronic condoms.

    2. W4YBO

      Re: Not just data lines

      The device uses Vcc and Gnd (USB pins 1 & 4, the two outside pins) to run a DC to DC converter, builds up about 220v, then discharges into the data lines, several times per second.

  4. chivo243 Silver badge
    Trollface

    I see an increase

    In hot glue gun sales and wire cutters!

  5. allthecoolshortnamesweretaken

    This is why we can't have nice things.

    1. asdf

      Some men just want to watch the world (your devices) burn. The troll in me chuckles a little but no way I ever buy one of these things because guarantee it ruins your shit first and only (if you have any moral compass at all). And if you don't the law often can't handle new tech well but destroying other people's property has been codified in law for quite some time now.

    2. This post has been deleted by its author

      1. Anonymous Coward

        Re: To be fair...

        USB storage is SCSI-based so you're half way there.

        And thumbs up for finding where the old BOFH stories went!

  6. charlie wallace

    why

    would aircraft usb charging sockets have data lines?

    1. graeme leggett Silver badge

      Re: why

      Power supply negotiation

      1. Anonymous Coward

        Re: why

        "Power supply negotiation"

        Which is, as far as I know, done by attaching a couple of resistors isn't it?

        It's not difficult to negate this vandalism, the only question is whether it's been done or not.

    2. Anonymous Coward

      Re: why

      would aircraft usb charging sockets have data lines?

      Some allow you to plug your own music in, to listen to through the in-flight entertainment headphones.

      1. SkippyBing

        Re: why

        'Some allow you to plug your own music in, to listen to through the in-flight entertainment headphones.'

        Which has always struck me as the worst possible way to enjoy my music.

        1. Eddy Ito

          Re: why

          If you're only going to listen to your own music wouldn't it be easier to just use your phone and use the usb to top up the charge?

      2. Adrian 4

        Re: why

        It might fry the systems that spooks installed to read everything off a phone that was plugged in to charge it.

        Wouldn't that be a shame ?

  7. Baldy50

    Simple 'Crowbar' circuit or (MOV) varistor on data lines!

    Although normally invisible to a power circuit until an over voltage event, I don't know how they may affect signals at high frequencies even though they are not in series, have low capacitive/inductive properties. They are very small, so could be attached directly to the socket.

    I wonder how long one of these USBKill devices would survive being essentially shorted out?

    1. Phil O'Sophical Silver badge

      I wonder how long one of these USBKill devices would survive being essentially shorted out?

      If they use some sort of capacitor/diode multiplier they'll probably survive it indefinitely, but they still won't be able to damage the connected device.

    2. Anonymous Coward

      Simple 'Crowbar' circuit or (MOV) varistor on data lines!

      We fit those across both data lines and also fit Zener diodes to the power lines in all the easily accessible USB ports in the industrial equipment we maintain for clients. It has cut having to replace main boards by almost 100%.

      1. Gideon 1

        Intrinsic Safety (ATEX, IECEX)

        MOVs and Zeners will protect against static discharge, but for real reliability (e.g. Intrinsic Safety) they then need to be protected against sustained overload with fuses, creepage and clearance distances, infallible connections, optocoupler "Distance Through Insulation"... It gets expensive.

        Also, I've seen computer interface chips on motherboards explode when they are pushed into latch-up by inappropriately high currents (>15mA) through their inbuilt protection diodes.

  8. hplasm
    Flame

    "I wonder how long one of these USBKill devices would survive ... shorted out?"

    I think an El Reg test is in order! Perhaps crowdfund it...

  9. CaptainQueeg

    It's not murder if it's a Surface

    It's mercy.

  10. Timmy B

    In other news....

    Setting fire to things destroys them.....

    If someone wants to destroy a device then there will always be a way to do it.

    1. wolfetone Silver badge
      Trollface

      Re: In other news....

      I did wonder why the wood I was setting alight kept going missing, I thought it was a renewable fuel?

      1. Phil O'Sophical Silver badge
        Coat

        Re: In other news....

        It's not missing, and will be renewed eventually. You'll just have to wait a few aeons.

  11. Lee D Silver badge

    Ridiculous

    I don't think I've ever seen a port technology which is entirely optically isolated on a common device. For some things, I doubt it's even possible given their speed.

    But seriously:

    - Serial ports. Okay, I've seen optically isolated, but never on a PC or home device, only on geek interfacing kits.

    - Parallel ports. Same.

    - VGA. Nope.

    - DVI. Nope.

    - HDMI. Nope.

    - PS/2. Nope.

    - SD card. Nope.

    - SATA / eSATA. Nope.

    - Docking stations. Nope.

    - Firewire. Nope.

    - DisplayPort. Nope.

    - Ethernet. Nope (and that often carries PoE!).

    - Headphone / audio sockets. Nope.

    - Phone handset curly-cords. Nope.

    - Telephone lines. Nope.

    About the only one is TOSLink and that's because it's an optical connection.

    You can't just go around putting humongous voltages down copper pins and then be surprised when things blow up. Sure, you can fuse it, reduce the damage, etc. but you'll still kill devices before the fuse goes, especially if you're being just-that-silly with trying to deliberately damage things.

    It's ridiculous to suggest these should all be optically isolated. Public kiosks / airplanes? Yes, if you offer ports they should be locally fused and they WILL be on separate circuits anyway (otherwise you have a flight-control / in-cabin wiring violation immediately - even fusing the entire cabin should not affect anything to do with the safety of the plane). But opto-isolating every seat? No.

    I bet almost all my home appliances can't suffer the same - GAS BOILERS DANGEROUS BECAUSE IF YOU PUT 20kV DOWN THE THERMOSTAT CABLE, THINGS COULD GO WRONG.

    No shit, Sherlock. Don't do that.

    1. Dave 126 Silver badge

      Re: Ridiculous

      MIDI is optically isolated, and its cousin DMX, which is used in a similar manner but for lighting and other stage effects. Your point stands, though - I haven't seen it built into a PC since the Atari ST. The common approach on PCs was to have a MIDI break-out box attached to the game port.

      For that matter, IrDA is optically isolated, but again, it's been almost entirely supplanted by BlueTooth, and hasn't been common since the old Nokia days - when people only ever seemed to use it for playing two-player Snake.

      Thunderbolt started off as 'LightPeak', with the intention of using fibre optic interconnects. However, a copper cable solution was cheaper, and also perhaps the thinking was that consumers would find power delivery more useful than long fibre optic lengths.

      1. Linker3000

        Re: Ridiculous

        Have to nitpick: There's a lot of DMX stuff out there which is not galvanically isolated - the signal just gets thrown into a regular RS485 buffer chip with not an opto or transformer in sight.

    2. Graham Cobb Silver badge

      Re: Ridiculous

      It's ridiculous to suggest these should all be optically isolated.

      USB ports are different from those other examples:

      1) Those other interfaces are not used for massively common and cheap devices, that people routinely plug into their systems when they find them lying around.

      2) Those interfaces are not normally shared, where plugging a bad device into one port can damage other devices other people have plugged into other ports (as is common in charging stations).

      1. Timmy B

        Re: Ridiculous

        "1) Those other interfaces are not used for massively common and cheap devices, that people routinely plug into their systems when they find them lying around."

        Headphones? VGA (perhaps not lying around for that one)?

    3. Anonymous Coward

      Re: Ridiculous

      Ethernet may not be optically isolated, but does go through a transformer by spec (the differential pairs are floating) and basically everything I've checked has over-voltage protection on the ethernet ports too.

      1. GBE

        Re: Ridiculous

        Right. Galvanic isolation does have to be optical, it can be magnetic or acoustic or hydraulic or ???. The Ethernet spec says both ends have to be galvanically isolated and have to provide fairly high level of isolation -- IIRC around 1-2KV. In practice, copper Ethernet interfaces are transformer coupled.

  12. Anonymous South African Coward Bronze badge

    Need to get one of these USB killing thingys and "forget" it at clients who don't want to upgrade their junk hardware...

  13. M_W

    No shit, sherlock

    In other news, man destroys PC by flicking PSU switch to 110V and plugging it in to UK 240V power socket. (I've seen far too many early Dell dimension desktops that have gone pop like this working at a transatlantic company!)

    Any interface can, if you connect to it inappropriately, potentially cause damage. Heck, I blew up a Sinclair ZX Spectrum in 1 second by swiping a screwdriver over the edge connector at the back of the device causing a spark and blowing something up inside. (Mum and Dad got it replaced under warranty - it blew up? No idea why.... )

    1. Anonymous Coward

      Re: No shit, sherlock

      Classic examples but do let me know how you get on connecting your Dell Desktop PC or Spectrum to an A380 or the like....they are slightly bigger than a pen drive.

    2. Anonymous Coward

      Re: No shit, sherlock

      In other news, man destroys PC by flicking PSU switch to 110V and plugging it in to UK 240V power socket.

      Cheap PSUs...

      Many years ago a colleague's DEC VT220 terminal blew its fuse after a few months of use. No-one could see an obvious fault, so the fuse was replaced. It blew again after a week or so. At that point someone finally noticed the voltage selector set at 110v. It was reset to 240v, the fuse replaced, and the terminal continued to function for years. Tough kit.

    3. Cuddles

      Re: No shit, sherlock

      "Any interface can, if you connect to it inappropriately, potentially cause damage."

      Indeed, I'm struggling to see how this counts as news. Plugging a 220V power source into something not designed to have a 220V power source plugged into it will screw things up. Try doing the same to a 3.5mm audio socket or your printer's data port and see how well things go. Other than the usual "Don't plug random electronic devices you found lying around on the floor into your computers" advice, there's really nothing of interest to see here.

      1. Anonymous Coward

        Re: No shit, sherlock

        So many people here seem to be missing the point. It's not about the result of shoving high voltages where they shouldn't be. It's about the ease and speed with which this can be carried out, and how many devices are potentially at risk.

        Imagine, you can walk into Currys, whack this into a port, and leave likely unnoticed having just destroyed equipment of high value.

        It's effectively the electronic equivalent of a can of spray paint. But even more discreet.

        1. Cuddles

          Re: No shit, sherlock

          "So many people here seem to be missing the point. It's not about the result of shoving high voltages where they shouldn't be. It's about the ease and speed with which this can be carried out, and how many devices are potentially at risk.

          Imagine, you can walk into Currys, whack this into a port, and leave likely unnoticed having just destroyed equipment of high value."

          And how exactly is this any different from doing exactly the same with a headphone jack, HDMI plug, or other common interface? The only difference with USB sticks is that idiots are more likely to plug them in themselves if they find one lying around; if all you want to do is damage equipment in a shop, a power source connected to the plug of your choice will do exactly the same job, and would have done so just as well 30 years before USB was even imagined.

    4. Anonymous Coward

      Re: No shit, sherlock

      (Mum and Dad got it replaced under warranty - it blew up? No idea why.... )

      That's what concerns me about the bright spark in the video. He mentions he's going to "send it back this time" (about the 14:10 mark) in reference to the zapped Galaxy so I can't help but wonder if he's not just destroying this stuff and returning it which drives up the cost for everyone.

      1. Ken Hagan Gold badge

        Re: No shit, sherlock

        "One notable lunatic nuked a brand new MacBook Pro, Google Pixel, and a Samsung Galaxy S7 Edge ..."

        If he did them all within a short space of time (*) then some collaboration between Apple, Google and Samsung might be able to identify who it is. (* Or even a fairly long period. How many people have bought all three of those and returned them under warranty almost immediately?) Perhaps El Reg could contact all three companies and spin some line about wanting to write the story of how they joined forces to identify the fraudster.

  14. Phil W

    Covert

    The biggest threat these things pose, I think, is not people maliciously plugging them in themselves, but the fact that due to their size they could easily be placed inside the housing of many models of USB flash drive. It would take minimal work in many circumstances then, to swap someone's genuine USB flash drive for a disguised USBkill device.

    1. Anonymous Coward

      Re: Covert

      Quite, that's the kind of thing aviation and car companies should be thinking about!

    2. Anonymous Coward

      Re: Covert

      Which is why my USB devices are kept locked up while not on my person or me present. Aside from the physical access means compromise these days.

  15. frank ly

    Just an idea

    Wouldn't it be easier and cheaper to make a USB to Mains adapter cable?

  16. Anonymous Coward

    No point in protecting against this

    If you do, someone will update it to output 2000 volts instead of 220. What's the point of adding a few bucks in cost to everything because this game continues until you need to protect against someone putting 50kV in a USB port?

    1. Gideon 1

      Re: No point in protecting against this

      It's not just voltage you have to protect against, it's current and power too.

      50kV might be a little hazardous to the perp as well as the port.

      1. Anonymous Coward

        Re: No point in protecting against this

        Why should 50kV be a problem for a person? You can get that much stroking a cat and then touching a metal stair railing. People have died from as little as 42 volts of direct current (I assume he was very wet) and only 200 milliamps reaching the heart is fatal - but AFAIK this device isn't 'live' all the time, it requires a USB negotiation first, which your fingers won't provide. If it is live all the time, the 220v version might already be lethal if you used it in a bathtub.

        Plus, it isn't the current/power that is killing devices, it is the voltage. Most ICs don't react well to a lot of voltage. Overcurrent can be a problem, but you'd need a dozen amps sustained for more than a few seconds before you have to worry about hitting fusing temperatures for the traces likely to be used inside.

        The power is only a problem if it is actually charging the battery, and more power is directed to the battery than the charging circuits can handle. If a device is so broken as to accept whatever power comes in a USB port and direct it to the charging circuits, there's no hope for it.

        1. SRMoll

          Re: No point in protecting against this

          Very high Voltages are potentially less damaging, as they might simply arc over at the connector. So there is potentially a level of protection that would mean the computer or system survives with damage limited to the port itself.

  17. Kevin McMurtrie Silver badge

    Overblown?

    You could install TRIAC crowbars capable of stopping 10000 Amp surges only to have an immature individual prove that it's still not resistant to screwdriver prying.

    I used to repair vending machines. People will always find a way to break something. If there's a break-away mount to shield something from excessive mechanical shock, people will break that. If all else fails there's chewing gum.

  18. Paul Shirley

    nearly related

    My local bus company recently upgraded their buses with WiFi, USB charging and 3 pin power sockets. The charging speed strongly suggests they isolated the USB ports (with string instead of conductors).

    Took just days to discover using hair curlers in the power sockets crashes the bus electronics...

    1. Anonymous Coward

      Re: nearly related

      3 pin power sockets in a bus...wifi...WTF? Does this bus travel all hours of the night, because for the $5 I'd move in.

    2. toxicdragon

      Re: nearly related

      @Paul Shirley

      I think I know where you live, my local company did the same thing. Didn't know about the hair curlers though. Maybe it is just me but I would treat an unknown charging port the same as an unknown device, don't go sticking things in there, it won't be pleasant.
