Back door found in software for Energizer Duo USB battery charger

A back door has been found in the free, optional software created for use with the Energizer Duo USB battery charger, according to battery maker Energizer.

The U.S. CERT has also issued an advisory that elaborates on the Trojan software: "The installer for the Energizer DUO software places the file UsbCharger.dll in the application's directory and Arucer.dll in the Windows system32 directory." UsbCharger.dll appears to be a legitimate component for providing USB communications capabilities that has been tempered to also launch Arucer.dll. The advisory further noted that, "Arucer.dll is a backdoor that allows unauthorized remote system access via accepting connections on 7777/tcp."

In a nutshell, the malware allows a remote attacker to remotely control the infected system, which includes the ability to list directories, send and receive files, as well as execute programs with the privileges of the logged-on user.

In fact, the Trojan may have been around since the software was offered three years ago, says Symantec. Energizer says it has no idea how the Trojan got into its software, though the company says it has discontinued the sale of this product and has also removed the site from which the software is downloaded.

If anything, this incident shows the need to install antivirus software as soon as possible after the operating system is in place--earlier rather than later.

For more on this story:
- check out this article at CNET News
- check out this article at eWeek 

Related Articles:
At least one trojan using Facebook as a command channel
Report: Trojan attacks up, phishing down in '09
Bank fraud with a Trojan horse
New DNS Trojans attempt to hijack entire LAN