Researchers explain how security practitioners can recognize when a seemingly benign device could be malicious.