E-cigarettes have been growing in popularity as a safer alternative to cigarettes. However, while the user's lungs might be benefitting from using the devices, the user's computer could be the one that is being put at risk.
Online reports have surfaced that e-cigarettes are the newest channel for malware, suggesting that hackers are taking advantage of the increasing demand and usage of the devices.
Most e-cigarettes are charged with a USB cable that can be plugged into a wall socket or into the USB port of a computer. While e-cigarettes charged through a wall socket will not put your home's electrical supply at risk, e-cigarettes charged by connecting the device to a computer will give the e-cigarette access to the computer, potentially putting the computer at risk.
A report surfaced on Reddit that claims that at least one e-cigarette user has paid the price for taking such a risk.
According to a Reddit user, an executive had his computer infected by malware, but the source of the infection could not be identified. The IT department of the company found that the malware did not enter the computer through the traditional means, as instead, the malware was able to enter the computer through an e-cigarette.
"The made in China e-cigarette had malware hardcoded into the charger, and when plugged into a computer's USB port the malware phoned home and infected the system," the Reddit user wrote.
Trend Micro security consultant Rik Ferguson said that the story posted in Reddit is completely plausible.
Ferguson said that malware found in the production line of devices have been around for years, with infected devices including MP3 player and digital picture frames. One example of such an incident was back in 2008, when Samsung shipped digital picture frames that included malware within the device's installation CD.
Another recent incident on the issue is the BadUSB bug, wherein USB devices are reprogrammed at the hardware level to serve as tools for hackers in attacking computers.
With such problems arising from the usage of devices with the USB ports of computers, Ferguson said that there is now a strong case for enterprises to disable the USB ports of company PCs, or at the very least use device management tools to allow only authorized devices to connect with computers.
As for consumers, Ferguson said that to keep safe, anti-malware programs should always be installed and kept updated, and only trusted devices should be connected to computers.