Now cyber criminals use E-cigarettes to spread malwareHow is E-cigarette being usedVapourizerPlausible or fairy tale?
How is E-cigarette being used
The E-cigarettes have to be charged over USB, either with a special custom cable, or by plugging the cigarette itself directly into a USB port. The ones that come with the USB port charging are the one that are fast becoming a favourite threat vector for the cyber criminals. The malware is apparently hardcoded into the charger for these E-cigarettes and as soon as its hooked to a PC they start their malicious work. For one they are inconspicuous, who the hell would think that a puny E-cigarette might be carrying a malware. The second point is that the USB port allows the cyber criminals to physically access your device.
Vapourizer
The use of E-cigarette for injecting malware first surfaced on Reddit. A redditor, Jockrilla posted the below comment on Reddit and that started the things moving The post seemed to suggest that a large corporation was subjected to a data breach because one of the exec had started smoking E-cigarette or “vapourizer” which had a malware hard coded into the charger. When the charger was plugged into the exec’s system the malware infected it.
Plausible or fairy tale?
For the looks of it, the Redditors claim looks very plausible given the fact that just recently, a security researcher, Karsten Nohl had demonstrated the virtually unpatchable attack called BadUSB with its proof-of-concept. He had further stated that more than half the USB devices available in the market may be susceptible to the BadUSB attack. Combining the two reports gives you a plausible explanation for the malware spreading through a E-cigarette. Dave Goss, of London’s Vape Emporium, says that vapourizers can remain safe by buying from respected manufacturers such as Aspire, KangerTech and Innokin, and by checking for “scratch checkers” on the box, which mark out authentic goods from counterfeits. “Any electrical device that uses a USB charger could be targeted in this way, and just about every one of these electrical devices will come from China,” he adds. It is suggested to those who use such kind of USB devices, to only charge USB devices through a wall adapter (they charge faster anyway). If you really need to charge through USB then you are advised to get what is called a “USB Condoms”, which will make sure that only power is drawn and no data is exchanged.