For behind the scenes pictures, stories and special contests, follow us on Facebook!
Subscribe:

Energizer Battery Charger Hides Trojan For 3 Years

energizer-duo-charger

By Chris Scott Barr

No one wants to get a trojan on their computer, for quite obvious reasons. Thus one is careful about the sites they browse, the links they click and the software they download. Generally doing these things will keep your computer free of such malicious bits of software. But have you ever considered that your hardware might be hiding something nasty?

Apparently the Energizer DUO USB Battery Charger has been carrying around a nasty little trojan that can wreak havoc on your system. CERT has issued a warning and stated the following:

An attacker is able to remotely control a system, including the ability to list directories, send and receive files, and execute programs. The backdoor operates with the privileges of the logged-on user.

That’s right, something as simple as plugging in your USB battery charger could give someone complete control over your system. I think the question on everyone’s mind was how in the world the trojan was put onto all of these in the first place. The file is tied into the installer for the charging software, which also means that downloading it from Energizer directly was no better an option. (In my best Ricky Ricardo voice) “Energizer, you’ve got some ‘splainin’ to do.”

On a bright note, Mac users were not affected. The OSX version of the software was found to be clean.

[ CERT ] VIA [ CrunchGear ]







.
  • http://vsevolod-volkov.livejournal.com/ vs-volk

    I like your resource and I’m always surprised at how quickly your news are spread around. Here is the latest example – http://greenergie.info/archives/39#more-39

  • RileyB

    Peachy. After doing a Google search I found useful info on on pcworld.com giving helpful into on how to remove necessary programs. First you uninstall the charger software, restart your computer, then you need to delete the arucer.dll fine in the system32 file. They also suggest a firewall to block access to 7777/tcp.

  • http://zotel.livejournal.com/ Zotel

    This is what you get when you over-engineer a product… there isn't really a good reason for a battery charger to talk to the PC

  • http://fastforwardacademy.com/index-page-irs-enrolled-agent-exam-course.htm enrolled agent study guide

    Absolutely. Energizer was pretty much asking for trouble when they overworked this little gizmo.

  • Jessicat

    That's horrible. Thank you for posting this. I'm a bit disappointed that this occurred.

  • Jessicat

    That's horrible. Thank you for posting this. I'm a bit disappointed that this occurred.

  • http://www.marblepolishing.net Marble Clean West Palm Beach

    Energizer Battery Charger Hides Trojan For 3 Years.