Officials in Singapore are denying claims that they issued USB devices to reporters during the June 12 Trump–Kim summit that infected equipment with spying malware, but concerns still stand.
More than 2,500 reporters from outlets around the world were present at the summit in Singapore, where President Donald Trump met with North Korean leader Kim Jong Un to negotiate peace.
Among the gifts given to reporters in a promotional packet was a USB fan that was made in China. There were rumors that if the fan was plugged into a notebook or other device, it would then infect the device with malware, which would then grant access to hackers.
According to intelNews, the reports originated with French government broadcaster Radio France Internationale, then were picked up by British government-funded outlet BBC.
The rebuttal from Singapore’s Ministry of Communications & Information was carried by the Chinese Communist Party’s Global Times news outlet, which claimed the fans had no storage or processing capabilities.
Of course, the denial from the Singapore agencies does not discredit the concerns, and an infected device of this sort would fit a long pattern of practices by the Chinese Communist Party.
Chinese companies have in the past used electronic devices—including USB keys, cameras, computers, phones, and even electric kettles—to infect devices and internet routers with malware. Pre-infected devices from China often carry malware in their firmware and are able to spy on users by relaying data to Chinese servers.
The use of infected USB keys to spread malware is one of the more basic forms of cyberespionage, so much so that some security companies attempt to trick employees into picking up USB drives in parking lots to measure how aware they are of the potential threat.
A study by researchers at Google, the University of Illinois Urbana-Champaign, and the University of Michigan ran a similar test in 2016, which found 48 percent of people plugged USB devices they found in parking lots into their computers.