By Elinor Mills
March 8, 2010
Software that can be downloaded for use with the Energizer Duo USB
battery charger contains a backdoor that could allow an attacker to
remotely take control of a Windows-based PC, Energizer and US-CERT is
"The installer for the Energizer Duo software places the file
UsbCharger.dll in the application's directory and Arucer.dll in the
Windows system32 directory," the U.S. Computer Emergency Readiness Team
said in an advisory on Friday. "Arucer.dll is a backdoor that allows
unauthorized remote system access via accepting connections on 7777/tcp.
Its capabilities include the ability to list directories, send and
receive files, and execute programs."
The Windows software was made available via a download with the
Energizer Duo Charger, Model CHUSB, Energizer said in a statement.
The battery maker said it does not know how the Trojan got into the
software. "Energizer has discontinued sale of this product and has
removed the site to download the software," the statement said.
"Energizer is currently working with both CERT and U.S. government
officials to understand how the code was inserted in the software."
Register now for HITBSecConf2010 - Dubai, the premier
deep-knowledge network security event in the GCC,
featuring keynote speakers John Viega and Matt Watchinski!