Ecigs and malware – an objective approach
Like any new device that becomes popular overnight, the e-cigarettes have been subjected to a lot of negative publicity by the media especially with the recent explosions and fire hazards. This is because people like to overreact and generalize and who doesn’t like a good ‘news alert’. While the majority of people, especially those with limited understanding on electronic devices, tend to be scared off by such news, others are outraged that headlines like these don’t benefit anyone and it could keep smokers away from a viable form of inhalable nicotine that comes without the hazards of combustible tobacco.
One such story is the malware incident we’re sure you’ve heard about in the past month, that involves an e-cigarette USB charger and a an executive from a big company. If you don’t know the story, it is presented on Reddit in detail and it speaks about a security breach on a computer that had all the latest updates installed and active antivirus and anti-malware scanners. The IT department went through the web-blogs to try to find the problem but their efforts were in vain. After all the traditional approaches to locating the problem failed to deliver a result, they started asking the executive about recent changes in his daily life. It seems that a couple of weeks ago he decided to quit on tobacco and bought a cheap e-cigarette on e-bay.
Apparently, the $5 electronic cigarette came with an USB charger that had a hard-coded malware program inside and infected the computer once it was plugged in. Now, while the concept does exist and is often referred to as “BadUSB” this is a very isolated event and no other reports of malware via e-cigs have been encountered so far. Mp3 players, portable GPS devices and cameras have been used in the past to carry malware since the antivirus scanners can access their internal memory but not the firmware and running across an infected USB charger might not be that unthinkable, but the general panic created afterwards might.
Yes, like any other electronic device an e-cigarette can be infected with malware by a person with shady intentions. But this can also be the case of your mobile phone, tablet, GPS, memory card or smart watch. Don’t imagine that if you buy an e-cig from a trusted vendor you’re susceptible to getting your pc or laptop infected by a Trojan horse. Reputable companies (and there are a lot of them) can’t afford such incidents and if you buy from trusted online or vape stores you will not be in any sort of danger.
Also, when using the company’s computer there is always a risk even if you plug in your personal USB drive or memory card to show off some holiday photos to your colleagues. The odds are the same. This is why it’s always a good idea to use your wall charger with your e-cig, phone or tablet and use the company PC only with approved equipment from the IT department.