Pages

Tuesday, March 9, 2010

USB battery recharger status software contains Trojan

A software included in the Energizer DUO USB battery charger contains Trojan horse.

According to researchers at US-CERT (United States Computer Emergency Readiness Team), software that accompanies the Energizer DUO USB battery charger contains a Trojan horse that gives hackers total access to a Windows PC.
The Energizer DUO, a USB-powered nickel-metal hydride battery recharger, has been discontinued, said Energizer Holdings, which late Friday confirmed that the software contains malicious code. The company has not said how the Trojan made its way into the software, however. "Energizer is currently working with both CERT and U.S. government officials to understand how the code was inserted in the software," Energizer said in a statement.
The Windows software included with the charger is designed to show battery-charging status. When the software is installed, it creates the file "Arucer.dll," which is actually a Trojan that listens for commands on TCP port 7777. Upon instructions, the Trojan can download and execute files, transmit files stolen from the PC, or tweak the Windows registry. The Trojan automatically executes each time the PC is turned on, and remains active, even if the Energizer charger is not connected to the machine.
Recommending Energizer DUO USB battery charger users to uninstall the installed Energizer Software, which disables the automatic execution of the Trojan, Alternately you can remove the Arucer.dll from "system32" directory, then reboot the machine.
Both US-CERT and Symantec have published advisories about the Trojan.
This software malfunctions only in Windows platform.

No comments:

Post a Comment

techthesaurus on Facebook