bit-tech.net

Energizer charger spreads Trojan

Energizer charger spreads Trojan

The software bundled with the Energizer DUO USB-powered battery charger came with a little bonus: a Trojan horse.

We're used, by now, to stories of even the most innocent of objects causing heartache by infecting unwilling host sytems with all manner of malware and viruses - but I bet you never thought you'd need to protect yourself from a battery charger.

Sadly, that day has come - the United States Computer Emergency Readiness Team has issued a warning regarding the software shipped with the Energizer DUO, a USB-powered charger for NiMH batteries. While the charger itself - being not much more than a standard battery charger that runs from a 5v USB connection - is innocent in this, the software bundled sadly isn't.

As explained over on ComputerWorld, the Windows-based monitoring software - designed to allow users to see how far the device has got in the charging process - contains a Trojan horse which opens a socket on TCP port 7777 and listens for commands. The Trojan - which is clever enough to enter an exception for itself into the Windows Firewall - claims to be a DLL file called "Arucer.dll."

Once installed, the Trojan will remain active even if the Energizer charger isn't connected to the system - although due to the way the Trojan hooks into the Energizer software, uninstalling the package will prevent it from automatically starting on system boot.

Thankfully for those affected by the infection, cleaning is a relatively simple process: with few protections built in to the package, simply deleting the file "C:\Windows\system32\Arucer.dll" and rebooting is enough to clear the system.

In order to prevent anybody else getting infected, Energizer has announced that it has removed the software from its website - and as the charger itself has already been discontinued, future outbreaks should be rare. However, the company is not planning a product recall - potentially meaning that retailers could still have affected stock on their shelves.

Are you disappointed to see Energizer not taking the issue seriously enough to issue a recall notice, or are infections like this one just part of the sad reality of modern-day computing? Share your thoughts over in the forums.

6 Comments

Discuss in the forums Reply
sotu1 9th March 2010, 11:32 Quote
How on earth do these devices manage to come pre-loaded with malware? It's quite amazing!
Bob1234 9th March 2010, 11:53 Quote
Same way everyone else gets malware? By having outdated scanning software, because its still unknown and not picked up or by just plain not checking it first.
g3n3tiX 9th March 2010, 14:24 Quote
Arucer.dll / Duracell ?
Joeymac 9th March 2010, 14:30 Quote
Quote:
Originally Posted by g3n3tiX
Arucer.dll / Duracell ?
Oh yeah.. huh.. it's an anagram of Duracell but with an extra r
Showerhead 9th March 2010, 17:06 Quote
I assume this is an inside job, no way an ordinary virus could find it's way onto a charger.
Farfalho 9th March 2010, 18:02 Quote
Quote:
Originally Posted by g3n3tiX
Arucer.dll / Duracell ?

Thought of that too, it kinda clicks when you look at it!

The extra R must be the one that have been straied from the word Brought mispelled around here =D
Log in

You are not logged in, please login with your forum account below. If you don't already have an account please register to start contributing.



Discuss in the forums