Story image

Hackers are able to target your e-cigarette... Is nothing sacred?

29 May 17

Vaping isn’t much safer than smoking - but not in the way you think.

With a few simple tweaks to a vaporizer, a security researcher has demonstrated that the device made to be an alternate to smoking can be modified in such a way as to pass code to your computer.

It’s a story as old as the internet. It begins with the USB port, as do a whole plethora of other security problems. USB ports are used for both charging and the transfer of data, which often means they are the most convenient place to plug in a phone, e-reader, tablet, or any other device that can charge or be topped up with data. In this case, a vaporizer.

In a video demonstrating his work, the security researcher, who goes by FourOctets, plugs an e-cigarette into a computer's USB and the device immediately lights up as if to charge. A few seconds go by and the computer starts to react.

"DO U EVEN VAPE BRO!!!!!," reads a pop up message on the screen. Essentially, the vaporizer issued a custom command to the computer, and the computer obliged happily.

While the researcher has no ill-intent, it is easy to imagine someone more morally bankrupt loading a computer with something less amusing. Think keyloggers, or ransomware.

For the vapers out there worried, it’s not a simple case of just accessing someone’s e-cigarette. It requires quite a bit of hands on work.

"It started as more of a joke than anything," FourOctets says on Twitter.

"This is done with extra hardware and a little bit of code. Another goal usually when doing dumb stuff like this is that stuff is not always what it seems and that random stuff that can plug into a computer can be dangerous," he explains.

"A lot of folks aren't aware that something like this is even possible whether it be with firmware or added hardware and a tiny bit of code found online."

In short, should you be worried that your vape is compromising your PC?

"It's probably pretty unlikely to ever get something like this from the factory that would do this," FourOctets noted.

“But the possibility is there and people need to be mindful of that."

So there you have it. It’s probably not necessary to run to the gas station and pick up your old favourite pack of smokes, and you can probably keep vaping without being hacked. It’s important to realise that your devices are always exposed to risks you would never comprehend, and it’s not a terrible idea to keep your antivirus up to date on your home computer.

49 inches: Samsung's latest gaming monitor steps up to Dual QHD
Samsung’s gaming monitors will have a few extra inches around the waist this year.
Jobs 'aplenty' for freelance writers, devs & ecommerce specialists?
Jobs tagged with the keyword ‘writing’ took the top spot as the fastest moving job in 2018.
Updated: Chch crypto-exchange Cryptopia suffers breach
Cryptopia has reportedly experienced a security breach that has taken the entire platform offline – and resulted in ‘significant losses’.
iPhone XS Max costs average Kiwi 11.6 work days – world comparison
A new study has compared how long it will take the average worker in 42 countries to purchase Apple's newest iPhone - NZ doesn't do too bad.
Chorus reckons Kiwis have an insatiable appetite for data
New Zealanders love the internet – and we love Fortnite even more.
Hands-on review: XANOVA Juturna-U gaming headset
Despite my first impressions on the quality of the headset, I was disappointed with both of the auxiliary cables provided, which felt cheap and would cut out, almost as if they were already frayed.
Audioengine’s Wireless A5+ are just bloody good speakers
I judge these speakers on the aspects that Audioengine boasts about - quality, streaming, simplicity and versatility
Hands-on review: The Ekster Wallet protects your cards against RFID attacks
For some time now, I’ve been protecting my credit cards with tinfoil. The tinfoil hat does attract a lot of comments, but thanks to Ekster, those days are now happily behind me.