This work addresses one of the critical vulnerabilities of quantum key distribution systems using typical single-photon detectors - namely optical manipulation attacks through blinding and "fake states" and the like, that allow performing a man-in-the-middle attack on a quantum key distribution system that is not detected by the standard protocols. We propose and experimentally demonstrate a countermeasure by self-testing the detector to reveal every manipulation mechanism caused by anything but single photon-level signals. This  countermeasure allow protecting against detector manipulation attacks in a simple way, as it neither relies on specific assumptions on the detection or manipulation mechanism, nor requires the
technological much more complex protocol of a measurement-device independent implementation. As such, we feel that this concept is of interest to a broad spectrum of researchers involved in quantum technologies.

In this work, we illustrate three different countermeasure examples, in where the legitimate receiver of the quantum key distribution system randomly switches on a lighter emitter at timings not predictable by the eavesdropper. The detector manipulation attacks could be detected by counting the excess photon-detection events created by the light emitter or ”fake state” events when the lighter emitter locally blinds the detector. The experimental results show that all our examples based on the self-testing concept could successfully identify the detector manipulation attack efficiently in time, consequently, have a low impact on reducing detection signal photons carrying quantum information.

Compared with existing countermeasure methods, our method is significantly simpler to implement and relatively low-cost. Thus, we expect this countermeasure will retrofit many existing QKD systems against detector manipulation attacks.