Some Windows PC users may hope the Energizer bunny didn't keep going and going. It turns out the Energizer DUO USB battery charger is a vehicle for attacks on PCs, according to the Department of Homeland Security's Computer Emergency Readiness Team.
US-CERT researchers said Friday that the software that installs with the Energizer charger contains a Trojan horse that gives malicious hackers a back door into Windows machines.
"An attacker is able to remotely control a system, including the ability to list directories, send and receive files, and execute programs. The backdoor operates with the privileges of the logged-on user," US-CERT said. "Removing the Energizer USB charger software will also remove the registry value that causes the backdoor to execute automatically when Windows starts."
A Trusted Source
Although the fix seems relatively easy for consumers who are aware they have been infected, the path in was also straightforward. Rob Enderle, principal analyst at the Enderle Group, said consumers were probably not expecting the Energizer software to carry a malicious payload.
"Typically in a Windows 7 or even a Windows Vista install, if you mess around with ports you should get a warning," Enderle said. "Because consumers got the software from a trusted source, chances are you'll bypass the warning and go ahead and install it because you think you are only installing the battery monitor. This is a nasty piece of work."
Enderle questioned the origin of the software, noting that Trojans seem to make their way into programs when the software is developed outside the U.S. Chances are, he said, the software was developed in China or some other foreign country.
What's So Unusual?
Symantec also investigated the Energizer malware and discovered that the Trojan listens for commands on port 7777. That by itself is not so unusual, the company said, but Symantec researchers were surprised that the file was being distributed by Energizer as part of a USB charger-monitoring software package.
Symantec wanted to know how long the file had been available to the public. The compile time for the file is May 10, 2007. Although it's impossible to say that the Trojan has always been in this software, Symantec's initial inspection leans toward this conclusion. Symantec also discovered the file was inserted into the package with the creator's knowledge and that the USB charger doesn't need to be plugged in for the Trojan to function.
"We also saw from the manufacturer's web site that the software is not distributed with the physical USB charger itself and, instead, it must be downloaded separately from the site. This may mean that fewer people installed it than bought the charger," said Liam Murchu of Symantec. "Whether this Trojan functionality was intended or not is unclear, but if it is intended behavior it would be very suspicious; I certainly wouldn't want my USB charger to download and execute files without my knowledge, or indeed send my files to a remote location."
Posted: 2010-12-01 @ 9:45am PT
Energizer should be held financially responsible for this incident.
Posted: 2010-03-15 @ 5:10am PT
I bought a brand new iPod nano a couple of years ago. When I plugged it into my PC, the nano infected my computer with the ZAFI-B virus. I ended up having to format my hard drive, because there was no fix for that virus at the time. My anti-virus software could tell me there was a virus there, but couldn't do anything about it. Because of that incident, I am completely NOT a fan of USB devices for my computer. BTW, Apple wouldn't replace or refund for the nano; they washed their hands of the entire incident.
Posted: 2010-03-14 @ 3:14pm PT
I bought the charger, but never installed the software - don't need extra 'junk' on my machine. So glad I didn't now!
Posted: 2010-03-14 @ 1:21am PT
I bought a USB Charger about 1 year ago. I downloaded and installed the software from the Energizer site. Then about 3 days ago, my antivirus told me the software has a Backdoor software in it.
Now the charger does not work without the software, whether it's just me or the lack of software I have no idea.
Energizer should fix this problem ASAP or recall and refund all chargers.
Posted: 2010-03-09 @ 1:29pm PT
How disappointing that it took this long to find out about this. It's too bad that companies do not better monitor their web site downloads.