The Guardian features a story about e-cigarettes carrying some malware, infecting computers used to charge them. Though not entirely surprising when you actually think about it, personally I'd not have expected non-computerized devices which just happen to have micro-usb charger socket to pose a threat to IT security.
From the article:
“The made in China e-cigarette had malware hardcoded into the charger, and when plugged into a computer’s USB port the malware phoned home and infected the system.”
Later the article references some low-level attacks might be used to reprogram USB chips on devices, letting them act as USB keyboards issuing commands on the behalf of the logged in user, etc.
(Score: 1) by Pino P on Wednesday November 26 2014, @09:35PM
There is the "Battery Charging" spec on USB.org, which gives "dedicated charging ports" a way to signal to devices that they're allowed to draw more than 100 mA from the port without a data connection. But a lot of devices were manufactured before the spec was published.