Hackers have been known to place malicious software in thumb drives and bury it in innocuous-looking e-mails. But now it appears they’ve come up with a new way to infect your computer: E-cigarettes.
So while e-cigarettes may be better for your health than real smokes, charging them up through your computer’s USB port — that’s the narrow slot you stick your phone cable into — can be a way to infect your computer with malware, experts say.
That’s apparently what one executive at a large corporation found out after he quit smoking and switched to e-cigarettes made in China, according to a recent post on the social media forum Reddit. The executive had a malware infection on his computer “from which the source could not be determined,” wrote an “IT guy” at the company. “After all traditional means of infection were covered, IT started looking into other possibilities.
“The made in China e-cigarette had malware hardcoded into the charger, and when plugged into a computer’s USB port the malware phoned home and infected the system.”
If it sounds crazy, tech security experts confirmed that e-cigarette chargers or anything, really, that can be inserted into a USB port can be a means of infecting your computer.
“Ultimately any USB device that you can plug in can be reprogrammed to do malicious things to your computer,” said Dmitri Alperovitch, co-founder and chief technology officer of CrowdStrike, a cyber threat research firm. Capture keystrokes, turn on your Web cam, steal files, for instance.
And the infection can run both ways. Cellphones have been known to be infected when plugged into computers that have malware on them, Alperovitch said.
If the attack is from a sophisticated hacker, a regular virus scan will not remove the infection, experts warn.
The takeaway? Don’t plug any device into your computer if you’re not sure of its manufacturer. Better to use the outlet than the USB port to charge your device.
“You can’t infect an outlet,”Alperovitch said.