Sunday, 27 April 2025

News: The electronic cigarette, the Chinese hackers and your mother
Home
francophone

News: The electronic cigarette, the Chinese hackers and your mother

posted by
Date:
In : francophone, News, Company
Leave comments

A first version of this article was originally published on Reflets.info by Bluetouff.

It has been slightly modified during its reproduction on Rue89. Gurvan Kristanadjaja

Neither one nor two, e-cigarette traders tell you that it is essential to get "branded" electronic cigarettes, announcing the big names in the sector ... and especially from Shenzhen, the world capital of low cost electronic cigarettes - which can be found for less than 10 dollars online and especially more than 80 euros with us, with a mark of a very French store affixed on it.

We are in delirium, that both try to recover in a rare outbidding stupidity.

BadUSB, what is it again?

When you plug a USB device into a computer, you have surely noticed that your computer was able to display its name, whether it is a printer, a memory stick or an electronic cigarette. . And that he is not going to try to “mount it” to write on it, but will confine himself to sending it the current that it asks for to recharge.

If this is possible, it's because each USB device, to put it mildly, contains firmware that says to your computer: “Hello, my name is that, and I'm asking you to do this for me. This is when your operating system interprets the instruction sent to it and makes the decision to take the requested action.

The attack is to reprogram the behavior of a USB component that you will connect to a computer. By altering the microcode that causes your computer, it is possible to pass one object to another.

Disastrous consequences

While this is not within the reach of everyone, but the public code shows that it is possible to do so and that this can have disastrous consequences.

For example, combined with another critical vulnerability that we are not currently talking about - Shellshok - it becomes possible to transform an electronic cigarette into an attack tool that will inject a command exploiting this flaw to change environment variables. of the shell, found on all Unix systems (Linux / Unix Gnu represent the vast majority of global web servers). USB sticks dedicated to the infection of computers, it was already something known.

BadUSB therefore goes much further since the vulnerability affects a large number of devices equipped with a controller… And guess what? Well, manufacturers of USB controllers… there aren't 150.

Whatever the brand of the "vapoteuse"

Not everyone is familiar with the electronic cigarette industry. Also, it may be wise to remember a few things: China immediately established itself as the world's leading manufacturer of e-cigarettes.

An electronic cigarette is a battery with a switch, a connector (called 510 connector) for the atomizer, which also serves as a USB interface to recharge the battery, and from time to time, a voltage variator… In short, a "vapoteuse" as described in the press, it looks like this.

This is not a malware (Gurvan Kristanadjaja / Rue89)

Except that you will not have failed to note that this gadget does not really look like a USB interface. Obviously. since that is not where it is located. The interface in question is actually a USB to 510 adapter. So our new attack vector looks more like this, and costs around $ 1.

The undeniable malware for 1 euro? … Fear! (Gurvan Kristanadjaja / Rue89)

So it's in this charger that would be a vulnerable USB controller ... Yeah, why not.

And guess what? Well, this 1 euro charger works just as well on a 4 dollar electronic cigarette as it does on a "branded electronic cigarette" at 80 euros. And for good reason, they are the same.

That this detail escapes unscrupulous salespeople still goes on, but for the Guardian, one is still entitled to wonder what happened at the cafet 'of the editorial'.

The very respectable Guardian's "investigation"

No electronic cigarette manufacturer makes a USB controller. Clearly, whether you buy an Innokin for more than 100 euros or a dung on Fasttech for 4 dollars, you will run the same risk, since these components come in both cases from the same factories.

Here you are warned: directly slam the door of a salesman who puts forward one brand or another by talking to you about a USB charger for electronic cigarettes, he is either stupid or dishonest ... or a bit of both.

Despite all the respect that we can legitimately bear for this institution that is the Guardian, we must admit that the “investigation” of the English media is - how to put it politely - null.

And you will see how the press is able to lend credit to the post of an anonymous on Reddit, to the point of forgetting to do a simple search to find evidence of the lack of concrete of the noise that circulates since March .

Still not a single line of code ...

Last spring, Jester published a post on his blog evoking a scenario which we do not really know if it is fiction or a real observation which he obviously did not publish the slightest "log". He gives us a rotten “screenshot” attesting to an outgoing TCP connection on a blurred IP… The big deal.

Also last March, your servant relays this post by explaining that no, it is not crazy, but that in the absence of concrete elements, there is no need to panic ... But here is the threat BadUSB flat in the background.

BadUSB is released in the wild, the threat is more precise, and I do not find it particularly stupid to recall the principles of good computer hygiene explaining that a device like an electronic cigarette does not have anything to do connected to a computer. company or administration.

An anonymous published, a few days ago, a "testimony" on Reddit where he claims that a machine of his company was infected by an electronic cigarette… Again, not the slightest concrete trace of the infection, no information on the nature of the "malware", still not a single line of code to get under your fingers ... and no antivirus editor to whom we would have sent this supposed strange code.

The job of an antivirus? Scare you

The Guardian publishes his thing out of the hat THE most impartial person on earth to tell you about a computer threat, I named an antivirus publisher, Trend Micro ... whose job is a bit of selling you antivirus and make sure you're scared.

The e-cigarette merchants, who are being debunked by Chinese sites, who sell stuff that we do not even know which is the counterfeit of the other, jump at the chance to highlight their products that come out of the same factories that counterfeit the counterfeit of a copy of rainbow gray clone ... and which embody exactly the same USB connectors, from the same manufacturer.

The French press relays the danger that hangs over all users of low-cost electronic cigarettes, sometimes even illustrating their articles with photos of "mods" which are however mechanical and devoid of any USB connection ... logical.

Since it's been nine months since I'm looking for an infected USB charger, if you see a passing vector vaporous proven, do not hesitate to send it to me.
Bluetouff, Reflets.info - http://rue89.nouvelobs.com/

Com Inside Bottom
Com Inside Bottom
Tags:

About the Author

Editor and correspondent Switzerland. Vapoteuse for many years, I take care mainly of Swiss news.