Search Disaster Preparedness Blog

Entries in USB (1)

Monday
Mar082010

Energizer Duo USB Battery Charger Trojan - Allows Remote Access

Downloadable software for use with the Energizer Duo USB Charger has been found to contain a Trojan that allows for remote control of the system US-CERT is reporting.

It is unknown at this time how long the Trojan has been in the software, but can be as long as its release three years ago.

According to Symantec "The Trojan still operates whether this device is found or not, so a USB charger doesn't need to be plugged in for the Trojan to be functioning."

US-CERT has issued a Vulnerability Note VU# 154421 with more details. Here is some information from that report:

The installer for the Energizer DUO software places the file UsbCharger.dll in the application's directory and Arucer.dll in the Windows system32 directory.

Arucer.dll is a backdoor that allows unauthorized remote system access via accepting connections on 7777/tcp.