E-Cigarettes Can Hurt Your Computer

E-Cigarettes

Yet more evidence that smoking is bad for you: A brand of e-cigarettes manufactured in China, has been found to carry malicious software that can be implanted into a computer when plugged into a USB port for recharging.

E-cigarettes are in actual fact, electronic vaporizers that heat a liquid solution into an aerosol mist that offers the sensation, nicotine and flavorings of tobacco cigarettes, supposedly without its harmful effects, although being a new technology, its risks as a nicotine replacement product are as yet largely uncertain. The heating element can be charged through a computer’s USB port, and this is where the malware was released.

The story, detailed on Reddit, points out that an executive at a “large corporation” found his computer had been infected with malware from an undetermined source. An extensive IT scouring showed his computer’s antivirus and anti-malware protection was fully up-to-date, and it was only after he was questioned about recent changes to his lifestyle that mention of the e-cigarettes was made. They had been purchased on eBay for $5.

A report from The Hacker News quotes Trend Micro security consultant Rik Ferguson as saying, “Production line malware has been around for a few years, infecting photo frames, MP3 players and more.” The report goes on to highlight how in 2008, a photo frame produced by Samsung shipped with malware on the product’s install disc.

Although these incidences are reasonably rare, they highlight a permanent reality that hackers are constantly searching for ways to exploit any electronic device to serve Malware to a poorly protected network, and USB ports become one of those overlooked areas – a simple charging or connection port that for most users has a limited, yet convenient function.

The Hacker News article describes the malware app BadUSB that was recently able to “spread itself by hiding in the firmware meant to control the ways in which USB devices connect to computers.” Rik Ferguson is quoted as suggesting “a very strong case can be made for enterprises disabling USB ports, or at least using device management to allow only authorised devices.

By Steve Prentice

Holiday Photos.png
The Sticky Note.png
Data Fallout.png
Disaster Plan.png
Jonathan Custance
IoT –  Part of Your Essential Kit Jonathan Custance, Co-Founder of Green Custard outlines how industrial organisations can leverage IoT to dramatically reduce their carbon footprint  Technological progress and environmental sustainability have always been at ...
Ian Hayes
Secure HTML Forms With the frequency and severity of cyberattacks on the rise (up 31% from 2020 to 2021, for a total loss of $6.9 billion), businesses need secure methods of data collection to protect ...
Mark Ardito
‘Legacy systems’ often get a bit of a rough time in the IT community. But perhaps this is unfair. After all, in many cases you’re talking about software platforms that have lasted and been effective ...
Gilad David Maayan
What Is Application Dependency Mapping? Modern software development teams use fast-paced DevOps work processes. However, the complexity of modern software applications often gets in the way. A typical enterprise software project has thousands of components, ...
Dmitry Chekalin
How Much Should a Modern Website Cost? A website is a valuable instrument for growing your business. Your website presents your brand to users. Also, it compels your prospects to become your customers. So, how ...