Friday, February 21, 2025
HomeComputer SecurityBusKill - A new USB Kill Cord Switch to Self-Destruct Your Data...

BusKill – A new USB Kill Cord Switch to Self-Destruct Your Data on Linux Machine

Published on

SIEM as a Service

Follow Us on Google News

BusKill a new laptop kill cord Dead Man Switch for Linux machine to lock, shutdown, or to wipe out the linux machine, in case of theft.

The cable dubbed “BusKill” was developed by Linux expert Michael Altfield. It is powered by USB & udev commands.

BusKill

Let’s consider a scenario that you are in a public place and accessing some sensitive data, the thief may snatch and run away with your laptop.

The thief may access all the sensitive data and the data may be posted in the public, Financial loss or leads to other risks.

Michael Altfield’s cheapest $20 BusKill lets you lock, shutdown, or self-destruct when it’s physically separated from you.

BusKill makes use of udev (device manager that detects when external devices are plugged), $4 USB drive with durable keyring hole, small & strong carabiner keyring to attack with belt loop $6, $7 USB magnetic breakaway adapter and $3 1-meter USB extension cable.

The setup would look like below

BusKill

If the laptop snatched the USB magnetic breakaway adapter gets detached from the Laptop and that would trigger a udev remove action.

You can set up a udev rule that to be triggered when the USB drive is removed, you can set rules to lock, shutdown, or self-destruct your Laptop.

Technical details and the rules can be found in Michael Altfield’s blog post, here is the video demonstration.

“it is simple. There is no need for anything to be stored on the USB drive. And if the USB drive suddenly failed, BusKill would still be triggered. If an attacker quickly inserted a clone of your USB drive before or after stealing your laptop, BusKill would still be triggered,” Michael Altfield added.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

SPAWNCHIMERA Malware Exploits Ivanti Buffer Overflow Vulnerability by Applying a Critical Fix

In a recent development, the SPAWNCHIMERA malware family has been identified exploiting the buffer...

Sitevision Auto-Generated Password Vulnerability Lets Hackers Steal Signing Key

A significant vulnerability in Sitevision CMS, versions 10.3.1 and earlier, has been identified, allowing...

NSA Allegedly Hacked Northwestern Polytechnical University, China Claims

Chinese cybersecurity entities have accused the U.S. National Security Agency (NSA) of orchestrating a...

ACRStealer Malware Abuses Google Docs as C2 to Steal Login Credentials

The ACRStealer malware, an infostealer disguised as illegal software such as cracks and keygens,...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

More like this

Linux Kernel 6.14 rc3 Released With The Fixes for Critical Issues

Linus Torvalds has announced the release of Linux Kernel 6.14-rc3, marking a critical milestone...

REF7707 Hackers Target Windows & Linux Systems with FINALDRAFT Malware

Elastic Security Labs has uncovered a sophisticated cyber-espionage campaign, tracked as REF7707, targeting entities...

Crowdstrike Falcon Sensor for Linux Vulnerability Allows MiTM Attack

CrowdStrike has disclosed a vulnerability (CVE-2025-1146) in its Falcon Sensor for Linux, its Falcon...