【】

While the world's eyes watch Donald Trump and Kim Jong-Un meet in Singapore, journalists have seemingly been treated rather well while covering the event.

But caution has been advised over one tiny freebie.

Not only have the 3,000 journalists been well-fed during the summit, they've also received a goody bag. Inside the bag there's a bottle of water, a handheld fan featuring Jong-Un's face, and a Sentosa guidebook. Pretty standard.

SEE ALSO:6 VPNs that can help you break through China's 'Great Firewall'

However, also enclosed was a blue, innocent-looking mini USB fan, a nod to Singapore's searing temperatures. Not so hot about it was the information security community.

Tweet may have been deleted

"Do not plug this in. Do not keep it," tweeted journalist Barton Gellman, who led coverage on the U.S. National Security Agency after receiving top secret documents from Edward Snowden.

The risk is the device could be a covert method of installing malware onto the computers of journalists covering the summit.

Mashable Light SpeedWant more out-of-this world tech, space and science stories?Sign up for Mashable's weekly Light Speed newsletter.By signing up you agree to our Terms of Use and Privacy Policy.Thanks for signing up!

Tweet may have been deleted

Twitter was abound with messages imploring journalists to not use the fan.

Tweet may have been deleted

Tweet may have been deleted

Tweet may have been deleted

Tweet may have been deleted

Tweet may have been deleted

Tweet may have been deleted

"It certainly can be a security risk," Matthew Warren, professor of cyber security at Australia's Deakin University, explained to Mashable.

"The idea of the USB is a way of connecting devices to computers, and either exchanging data or drawing power for operations. The problem is, there's been a number of examples where USB devices can be hijacked and malicious code can be put on them."

"There's been a number of examples where USB devices can be hijacked and malicious code can be put on them."

Security researchers Karsten Nohl and Jakob Lell demonstrated malware they had developed, called BadUSB, at the Black Hat Conference back in 2014.

The malware is installed in the firmware of the USB drive, and not in its flash memory storage, which makes it undetectable. It also means other USB peripherals, like fans, can also be used to covertly carry attack code.

Once plugged in, the malware can "completely take over a PC, invisibly alter files installed from the memory stick, or even redirect the user's internet traffic," WIREDnoted at the time.

"Security hasn't been built in to these USB devices," Warren added. "I certainly wouldn't be putting [the fan] in my machine."

Of course, it could be very well and true that the USB fan isjust a USB fan. We'll just have to see about that.

---

Featured Video For You

---

Future of the internet could depend on submarine datacenters

---

TopicsCybersecurityDonald Trump