Energizer’s Battery Charger Program Contains Malware

The United States Computer Emergency Readiness Team (US-CERT) of the Department of Homeland Security said on March 5, 2010 that the Energizer DUO USB Battery Charger Software contained a backdoor Trojan capable of infecting computers.

Said Symantec, its researchers detected the Trojan as Trojan.Arugizer. Explaining how it works, they stated that when the USB charger Software is installed, the 'Arucer.dll,' a malicious file is generated as well as inserted into the registry. Consequently, the Trojan becomes active whenever the computer is booted.

The Trojan takes instructions from any computer who connects to the already infected PC. Subsequently, it downloads and runs a file, transmits directory listing to a remotely located server that the attacker controls, and performs various other actions.

The Trojan gives a remote attacker access to the infected system. In doing so, it uses the system operator's user privileges.

Meanwhile, Energizer, the company manufacturing the battery, hasn't specified the way the Trojan entered the software. However, it is coordinating with U.S. government officials and CERT to determine the same, the company stated.

Said the researchers at Symantec, since the software in question is not sold with the USB charger itself and required to be downloaded from the website, it is likely that just a few people installed it as compared to the number of those who bought the charger. This, in turn, implies that fewer users are potentially at risk of the Trojan.

However, Energizer says that its experts have taken the software off its download website. The company added that albeit similar software was offered to Mac OS X users, it was only the Windows operating systems that had been affected.

Thus US-CERT has recommended end-users who have loaded Energizer's software that they must uninstall it so that the automatic execution of the Trojan could be prevented. Alternatively, they can clean the "system32" directory of Windows off the Arucer.dll file and then reboot the system.

Meanwhile, similar to the Energizer incident, Seagate Technology, in 2007, acknowledged that its hard-drives caused Trojan infections to a manufacturing factory in Asia. And, in 2006, Apple alerted its iPod users that there was a Windows worm inside a few of its music players.

Related article: Emergence of Web 2.0 Increasing Security Concerns

» SPAMfighter News - 3/12/2010