Not everyone is so hot about this free USB fan handed to journalists at Trump-Kim summit

Press nabbed a weird freebie while covering the summit between Kim Jong-un and Donald Trump in Singapore.

Image: Kevin Lim/THE STRAITS TIMES/Handout/Getty Images

While the world’s eyes watch Donald Trump and Kim Jong-Un meet in Singapore, journalists have seemingly been treated rather well while covering the event. 

But caution has been advised over one tiny freebie.

Not only have the 3,000 journalists been well-fed during the summit, they’ve also received a goody bag. Inside the bag there’s a bottle of water, a handheld fan featuring Jong-Un’s face, and a Sentosa guidebook. Pretty standard.

However, also enclosed was a blue, innocent-looking mini USB fan, a nod to Singapore’s searing temperatures. Not so hot about it was the information security community. 

“Do not plug this in. Do not keep it,” tweeted journalist Barton Gellman, who led coverage on the U.S. National Security Agency after receiving top secret documents from Edward Snowden.

The risk is the device could be a covert method of installing malware onto the computers of journalists covering the summit. 

Twitter was abound with messages imploring journalists to not use the fan.

“It certainly can be a security risk,” Matthew Warren, professor of cyber security at Australia’s Deakin University, explained to Mashable.

“The idea of the USB is a way of connecting devices to computers, and either exchanging data or drawing power for operations. The problem is, there’s been a number of examples where USB devices can be hijacked and malicious code can be put on them.”

“There’s been a number of examples where USB devices can be hijacked and malicious code can be put on them.”

Security researchers Karsten Nohl and Jakob Lell demonstrated malware they had developed, called BadUSB, at the Black Hat Conference back in 2014. 

The malware is installed in the firmware of the USB drive, and not in its flash memory storage, which makes it undetectable. It also means other USB peripherals, like fans, can also be used to covertly carry attack code.

Once plugged in, the malware can “completely take over a PC, invisibly alter files installed from the memory stick, or even redirect the user’s internet traffic,” WIRED noted at the time.

“Security hasn’t been built in to these USB devices,” Warren added. “I certainly wouldn’t be putting [the fan] in my machine.”

Of course, it could be very well and true that the USB fan is just a USB fan. We’ll just have to see about that. 50e4 5afa%2fthumb%2f00001