Using e-cigarettes, or vaping, is widely touted as being healthier for you than smoking tobacco, however, it may not be so healthy for your PC.
Many e-cigarettes offer a USB charging option but a story on social news site Reddit (opens in new tab) suggests that this is a potential source of malware attack. An executive's PC became infected after he'd recently given up smoking and the infection was traced to his e-cigarette charger.
It seems likely that this is a variant of the BadUSB malware uncovered in August this year by German company SRLabs (opens in new tab). This allows the firmware on USB controller chips to be reprogrammed to deliver a malicious payload or masquerade as another device, such as a network card, to capture transmitted information.
Dave Goss of London's Vape Emporium told the Guardian (opens in new tab) that e-cigarette users can stay safe by purchasing respected brands but added that, "Any electrical device that uses a USB charger could be targeted in this way, and just about every one of these electrical devices will come from China".
How much you read into the fact that these devices originate in China is also open to question. Carelessness on the production line or more sinister, state-sponsored malware? Either way it's a good idea to treat unknown USB devices with suspicion.
Users can protect themselves by using a 'charge only' cable with the data pins disconnected to connect devices that don't need to exchange information. This news is likely to encourage more businesses to restrict the use of unauthorized USB devices on corporate networks too.
Have you suffered any kind of malware problem with a USB device? Let us know in the comments.