News broke yesterday that E-cigarettes can be used to hack computers. Many e-cigarettes can be charged over USB, either with a special cable, or by plugging the cigarette itself directly into a USB port on a computer, security researchers warn that your computer could actually be compromised by the simple act of charging a vape pen with just a few simple tweaks to the vaporizer. Adam Brown, Manager of Security Solutions at Synopsys commented below.
Adam Brown, Manager of Security Solutions at Synopsys:
“Last year the University of Illinois and University of Michigan published research that showed if a hacker deliberately dropped a USB stick (which could have malware on it) there was a 50% chance that someone would pick it up and plug it into a computer. As Bevington’s recent research shows a vape pipe could easily be modified to work as any kind of peripheral device when plugged in, and so could be used in a similar way to either deliver a payload or perform some other malicious activity while plugged in. Potentially a vape pipe given away would very likely end up plugged in to a computer for charging and so would be an effective device for a targeted attack on a known vaper.
Many enterprises today block to use of USB ports which would prevent an attack like this. Those that do not should beware of what they plug in.The health risks to the body from vaping may not be fully known however it seems the health risks to your information or cyber security could be disastrous!”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.