Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Toys Security Windows IT

Energizer USB Battery Charger Software Infects PCs 260

Posted by Soulskill from the bad-bunny dept.
swandives writes "Researchers at US-CERT have warned that software accompanying the Energizer DUO USB battery charger contains a Trojan that gives hackers total access to a Windows PC. The product was sold in the US, Latin America, Europe and Asia starting in 2007. Upon installation, the software creates the file 'Arucer.dll,' a Trojan that listens for commands on TCP port 7777. Upon receiving instructions, the Trojan can download and execute files, transmit files stolen from the PC, or tweak the Windows registry. Uninstalling the software disables the automatic execution of the Trojan. Users can also remove Arucer.dll from Windows' system32 directory and reboot the machine to disable the backdoor component."
This discussion has been archived. No new comments can be posted.

Energizer USB Battery Charger Software Infects PCs More

Energizer USB Battery Charger Software Infects PCs

Comments Filter:

  • Interesting detail in the DLL: (Score:4, Interesting)

    by carlhaagen ( 1021273 ) on Monday March 08, 2010 @12:58PM (#31401966)
    Its language code is Chinese.

  • Told you so (Score:5, Interesting)

    by Animats ( 122034 ) on Monday March 08, 2010 @01:07PM (#31402094) Homepage

    Some time back, when USB chargers started to appear at airports, I warned that this might happen. A public charging port is such an attractive attack vector.

    Of course, the real problem is Windows's "autorun". It was a truly awful idea to have Windows run any executable that appears on any removable device or medium. That went in (in Windows 95, I think) when CDs were only manufactured by major vendors, before home CD writers or USB storage devices. So it probably seemed "safe" at the time.

    Worse was making it very difficult to turn autorun off. [cert.org]

  • Re:Software?! (Score:4, Interesting)

    by Captain Spam ( 66120 ) on Monday March 08, 2010 @01:11PM (#31402154) Homepage

    I get it that the software can monitor charging, report stuff, advertise...

    I always wondered, with the sheer amount of portable devices which charge over USB nowdays, why not put some manner of standardized charge reporting into the specs of the next version of USB, so that we don't need to bother with nonsense like installing a new program or drivers for each device just to monitor its charging on the computer (or whatever charger), if we do want monitoring and such? That way, we could just tack a charge indicator onto whatever the OS or windowing system uses to track connected USB devices, instead of X amount of additional programs displaying it in any variety of mismatched ways.

    I mean, I'll grant that many devices just report their own charge on their own respective screens, so for things like phones or whatnot, it might not be that useful. Plus, my suggested scheme would quickly get shot down by companies like Energizer in this case when they realize revenue stream conduits^W^W^W customers wouldn't have a reason to install "special" drivers and programs loaded with ads...

    Oh, yeah. That IS why it wouldn't get adopted. Hrm.

  • Re:Interesting detail in the DLL: (Score:3, Interesting)

    by TheLink ( 130905 ) on Monday March 08, 2010 @01:18PM (#31402224) Journal

    Yeah it was probably made in China, and typically nobody cares about QC/QA in the factory (or part of the QA is making sure the malware is installed ;) ).

    I found malware on a supposedly new PNY usb drive about a year ago. Perhaps it was a repackaged item.

    Anyway, didn't affect the machine I plugged it into since auto-run was disabled (like it should be).

  • Outsourcing / QA / Negligence (Score:5, Interesting)

    by grahamsaa ( 1287732 ) on Monday March 08, 2010 @01:26PM (#31402358)
    Energizer obviously isn't the first company to be hit with this sort of embarrassment, and it's surprising to me how resistant some of these companies are to learning and adopting good QA and security practices.

    If corporations feel that they must outsource production of devices like these, they damn well better be prepared to do thorough in-house testing before they release malware to the public. I'll give them the benefit of the doubt that they were probably unaware of this trojan, but that makes them no less negligent.

  • Re:Outsourcing / QA / Negligence (Score:5, Interesting)

    by vlm ( 69642 ) on Monday March 08, 2010 @01:41PM (#31402584)

    You're assuming they didn't outsource engineering, QA, security, and testing.

    You have the olden days idea, that China only manufactures.

    I would not be surprised to learn Energizer-USA in 2010 is no more than an overpriced CEO and some marketing folks.

  • Re:Software?! (Score:2, Interesting)

    by ACPosterChild ( 719409 ) on Monday March 08, 2010 @06:23PM (#31406566)

    The 500ma is per USB Master, yes? Most motherboards usually have 1 or 2 masters providing ~4 usb ports each. A common problem I've seen is people putting total device usage of more than 500ma on a single master, and then at least one of their components stops working. So, a 2-port device would either: 1) be using up to 200ma in a way that it doesn't need SW to request more than 100ma; 2) need more than 500ma and expect you to plug into 2 different master buses. #2 is usually impossible because the busses are usually split, once supplying service to the front of the computer and one servicing the back.

Slashdot Top Deals

FORTUNE'S FUN FACTS TO KNOW AND TELL: A giant panda bear is really a member of the racoon family.

Close