Energizer Duo battery charger hides a Trojan

Mar 09, 2010 by Lin Edwards report
Energizer Duo USB battery charger

(PhysOrg.com) -- The Energizer Duo USB battery charger has been hiding a backdoor Trojan in its software that affects computers using Windows. According to Symantec the Trojan has probably been there since 10th May 2007.

Energizer has now taken the software for the model CHUSB charger off the market and removed the site from which it could be downloaded, and the company is asking customers who downloaded the Windows version to uninstall it. There are easy steps to fight the Trojan in affected machines, and Macintosh users are not affected.

’s Director of Global Intelligence, Dean Turner, said it’s impossible to be certain the Trojan has always been in the software that monitors the Duo USB charger, but the Trojan’s binary header states it was created in May 2007. It is not known how the Trojan came to be in the software, but malware has previously been found to be hidden inside products. Energizer is working with the US Computer Emergency Readiness Team (US-CERT) and the US government to try to find out how the code found its way into the software.

The Trojan allows an attacker to operate with the same privileges as the user who is logged in, and to remotely control the system via connections on 7777/tcp to send and receive files, run programs, and list the contents of directories.

US-CERT advises that to fix the problem, users can delete the Arucer.dll file from the Windows system32 directory, and then restart the system. An alternative fix is to remove the USB charger software. The Arucer.dll file will still be present but the code cannot be executed in the absence of the charger software. It is also advisable to block access to port 7777 using a firewall or via network perimeter devices.

Energizer’s Duo USB battery chargers have been available in the US, Europe, Asia, and Latin America since 2007. They allow computer users to recharge the Nickel Metal Hydride (NiMH) batteries either from a wall outlet or a . It also enabled the user to monitor the status of charging on the PC.

Explore further: FINsix small-size laptop adapter uses special power platform

Related Stories

Digital frame virus traced to China

Feb 19, 2008

A powerful virus recently discovered in digital photo frames has been identified as a Chinese Trojan Horse that gathers personal information.

Harness power of the sun with solar gadgets

Aug 26, 2009

In the past, if you wanted a solar-powered gadget, you typically had to shell out a lot of cash for something made by a company you'd never heard of. But that's starting to change, as major brands such as ...

Recommended for you

Study: Samsung phone durable, but iPhone has edge

Apr 14, 2014

Samsung's new Galaxy S5 smartphone is more durable than last year's model and other leading Android phones, but the iPhone 5s outperformed all of them in part because of its smaller size, a new study finds.

Invention loves collaboration at Milan show

Apr 14, 2014

Collaboration drove invention during Milan's annual International Furniture Show and collateral design week events, yielding the promise of homes without mobile phone chargers, and with more ergonomic seating, ...

Amazon 'to release smartphone later this year'

Apr 12, 2014

Amazon is preparing to release a smartphone in the second half of 2014, thrusting itself into a market already crowded with Apple and Samsung models, The Wall Street Journal reported.

User comments : 11

Adjust slider to filter visible comments by rank

Display comments: newest first

Nik_2213
not rated yet Mar 09, 2010
What has the world come to when you can't even trust a lowly wall-wart ??

( Metaphorically speaking ;-)
Royale
3.8 / 5 (4) Mar 09, 2010
can anyone say foreign nations are prepping for a cyber war a lot more than we are? where was the program written, where was the hardware made? we need to start acting and stop reacting.
fuzz54
not rated yet Mar 09, 2010
If you have a proper firewall running then it would block the trojan or the charger software from accessing the internet. With that being said, most people don't have a proper firewall running.
Skeptic_Heretic
5 / 5 (1) Mar 09, 2010
When I first read this I was thinking more along the lines of "for those surprise encounters, a hidden trojan compartment".

I laughed, then I read the article. Who really uses a monitor program for a USB battery charger? It's 24 hours for a charge, so said the manual.

If you have a proper firewall running then it would block the trojan or the charger software from accessing the internet. With that being said, most people don't have a proper firewall running.
Most firewalls stop uninitiated incomming connections and ignore outgoing connections by default. Unless you've spent ten thousand on a hardware appliance, you're just as unprotected as those you look down on.
Royale
5 / 5 (1) Mar 09, 2010
Probably not energizer as a company, but for their outsourced developers looking to make some extra money the motive is right there.
bluehigh
1 / 5 (1) Mar 09, 2010
Originally intended for remote diagnostic support.
Switch
not rated yet Mar 09, 2010
April Fools?
MorituriMax
not rated yet Mar 09, 2010
I got up late one night to get some milk, suspiciously it looked like my refrigerator's ice maker light was in sync with my cable modem.... hmmmm
GaryB
not rated yet Mar 10, 2010
"All your bases are belong ..."
pubwvj
1 / 5 (1) Mar 13, 2010
One more reason to use a Mac.
paulthebassguy
not rated yet Mar 15, 2010
I think this is hilarious haha. It was probably put there by a developer with a grudge against the company.

More news stories

Quantenna promises 10-gigabit Wi-Fi by next year

(Phys.org) —Quantenna Communications has announced that it has plans for releasing a chipset that will be capable of delivering 10Gbps WiFi to/from routers, bridges and computers by sometime next year. ...

Unlocking secrets of new solar material

(Phys.org) —A new solar material that has the same crystal structure as a mineral first found in the Ural Mountains in 1839 is shooting up the efficiency charts faster than almost anything researchers have ...

Floating nuclear plants could ride out tsunamis

When an earthquake and tsunami struck the Fukushima Daiichi nuclear plant complex in 2011, neither the quake nor the inundation caused the ensuing contamination. Rather, it was the aftereffects—specifically, ...

New US-Spanish firm says targets rich mobile ad market

Spanish telecoms firm Telefonica and US investment giant Blackstone launched a mobile telephone advertising venture on Wednesday, challenging internet giants such as Google and Facebook in a multi-billion-dollar ...