Malware in Your Vape

Filed in News & Politics by on September 8, 2017 0 Comments

It’s called an e-cig but do you really consider your vape an electronic device? Sure, it is powered by a battery instead of ignited by a flame, but many don’t think about their vapor vessel as being a digital device.

Some hackers have repurposed vapes into new tools to invade cyber security systems.

How do they do it?  The e-cigs are normally powered by a rechargeable lithium-ion battery, which plugs into a cord and can connect directly to a USB port on your computer. That’s their in.

According to Sky News, security researcher Ross Bevington demonstrated how easily an e-cigarette could be used to attack a computer—either by interfering with its network traffic or fooling the machine into thinking the vape is a keyboard or mouse.

The script the hackers could put on your computer could be as harmless as leaving some text on your computer for you to find at next login, like “Do you even vape bro!!!!” But the code left behind could be much more malicious.

Another hacker and researcher, Fouroctets showed Sky News how, using less than 20 lines of code, the computer could be made to download an arbitrary and potentially dangerous file and run it.

Luckily, though e-cigs could potentially be used to deliver malicious script to computers, there is usually very little space available on them to host this code. This means there are “limitations on how elaborate a real attack could be made” according to Mr. Bevington.

“The WannaCry malware for instance was 4-5MB, hundreds of times larger than the space on an e-cigarette. That being said, using something like an e-cigarette to download something larger from the Internet would be possible.

How to prevent a hack and keep your information safe?

The best way to protect against these kind of attacks is to ensure that your machine has updated its security patches, said Mr. Bevington, and to “have a good password and lock your machine when you leave it”.

Be careful if some device wants permission to access your computer when you plug it in to charge. Your safest bet is to plug it into a traditional outlet.  And of course, never let someone else plug any unfamiliar charging device into your computer.

Leave a Reply

Your email address will not be published. Required fields are marked *