Real world attacks using this method?
Show me one.
It is like putting superglue in locks. In theory anyone could invest in $5 of superglue and put a large building out of business for a few hours. It doesn't happen. But if you were an IBM type of company you could offer this as a service to companies wanting to test their contingency plans. Seems that is what is going on here.
* TFA quotes Charles Henderson, "who heads up the IBM offensive operations unit."
* "This newly named technique — dubbed “warshipping” — is not a new concept."
* "All of this could be done covertly without anyone noticing — so long as nobody opens the parcel."
A much more practical implementation of this attack vector is the "Malicious Raspberry Pi Power Strip" (article posted in 2012):
https://hackaday.com/2012/10/04/malicious-raspberry-pi-power... Those could easily be shipped to end users who would be pretty likely to plug it in. Add a note in the box "from" the IT department and I bet it gets a very high percentage success rate.
> One time I had a colony of ants build up inside an APC UPS. Every day, the system would make a little popping sound, then switch to battery inversion for about two seconds, then switch back to mains. For the longest time I was baffled.
> Then one day I noticed some ants making a trail and investigated. It was crazy how many ants were living inside it. Apparently, every once in a while an ant would come too close to crossing the AC wires and the power would short through it, killing the ant instantly and causing the protection circuit to put it on battery.
> I find myself wondering if a similar ant infestation would destroy the RasPi.