This article is more than 1 year old
E-cigarettes fingered as source of NASTY VIRUS
Not the mouth-hole kind, says IT support bloke
E-cigarettes have been fingered as the source of a new computer virus. "IT guy" Jrockilla told the Talesfromtechsupport forum that he suspects the malware was "hard coded" into the USB charger of his boss's electronic toker.
In his post, he says:
The executive’s system was patched up to date, had anti-virus and up-to-date anti-malware protection. Web logs were scoured and all attempts made to identify the source of the infection were to no avail. Finally, after all traditional means of infection were covered, IT started looking into other possibilities. It finally asked the executive “have there been any changes in your life recently”? The executive answer was, “well yes, I quit smoking two weeks ago and switched to e-cigarettes"...
...[The] e-cigarette had malware hard coded into the charger and when plugged into a computer’s USB port the malware phoned home and infected the system.
During the subsequent debate on Reddit, users called for further evidence that the charger was indeed the source, and that hasn’t been forthcoming, but it does point to the danger corporates face with users plugging unauthorised devices into USB ports for charging.
One user suggests that while a memory device will announce itself when plugged in, a keyboard will not, so a malevolent USB device could masquerade as a keyboard and then accept the security prompts which flashed up as the device asked for permissions.
A savvy user would spot this if they were watching but not if they were busy fiddling with an e-cig (essentially a battery-powered vaporizer which has the feel of tobacco, but produces only an aerosol) at the same time.
Naturally, the non-smoking sticks could be charged with a wall charger but IT professionals need to be aware that the threat exists. Again, the thread warns that it might be significant pointing to research by the German researchers SRLabs that USB devices can be made unstoppable.
It has also been suggested that a device is used to limit the USB port, but that is of course moving the trust around. If you really want to investigate what a port is doing, there are devices such as Facedancer which will investigate just that sort of thing.
In the meantime, it might just be easier to quit altogether. ®