Energizer USB Battery Charger Injects PCs with Malware
Symantec researchers have discovered that the software accompanying Energizer's DUO battery charger may have been injecting PCs with malware since May 2007. Energizer has recently discontinued the product, but for those who've already purchased the charger, it's important they know a workaround for the problem.
Trojan Creation Date Not Known
According to Symantec Global Intelligence Network director Dean Turner, it's tough to tell if the Trojan has been kicking around the full three years.
"It's really impossible to say for sure that this Trojan has always been in the USB charger-monitoring software, but the creation date in the Trojan binary's header indeed states that it was created back in May 2007," Turner said.
"This would imply that the Trojan was most likely created back in 2007; however, there is a possibility that the time and date were set wrong on the computer that was used when the binary source files were compiled."
Energizer, which discontinued the product last week, has not announced how the backdoor Trojan ended up in software for its USB device. Experts speculate that hackers somehow infected the product before or after it hit retail shelves.
In 2009, security researchers at Kaspersky Lab discovered malware running on a new M&A Companion Touch netbook the company had acquired in order to run compatibility testing. (Source: neoseeker.com)
How the Arucer.DLL Trojan Works
Installing the Energizer DUO software places several .DLL files in the Windows System32 directory.
One .DLL file named "USBcharger.dll," is fine, but it executes another, Arucer.dll, which is a backdoor operation that could allow a hacker to take unauthorized remote access of a PC via its TCP port 7777 (over an Internet connection).
"An attacker is able to remotely control a system, including the ability to list directories, send and receive files, and execute programs," said a U.S. CERT advisory. "The backdoor operates with the privileges of the logged-on user." (Source: eweek.com)
How to Remove or Block Arucer.DLL Trojan
What are the options for fixing the problem? Users can try entering the Windows System32 directory and delete the Arucer.dll file and then restart their system. They could also completely remove Energizer's USB Charger software, which would also remove the Arucer.dll file. Finally, there's the option of blocking port 7777, making it impossible for hackers to access the backdoor.
Most popular articles
- Which Processor is Better: Intel or AMD? - Explained
- How to Prevent Ransomware in 2018 - 10 Steps
- 5 Best Anti Ransomware Software Free
- How to Fix: Computer / Network Infected with Ransomware (10 Steps)
- How to Fix: Your Computer is Infected, Call This Number (Scam)
- Scammed by Informatico Experts? Here's What to Do
- Scammed by Smart PC Experts? Here's What to Do
- Scammed by Right PC Experts? Here's What to Do
- Scammed by PC / Web Network Experts? Here's What to Do
- How to Fix: Windows Update Won't Update
- Explained: Do I need a VPN? Are VPNs Safe for Online Banking?
- Explained: VPN vs Proxy; What's the Difference?
- Explained: Difference Between VPN Server and VPN (Service)
- Forgot Password? How to: Reset Any Password: Windows Vista, 7, 8, 10
- How to: Use a Firewall to Block Full Screen Ads on Android
- Explained: Absolute Best way to Limit Data on Android
- Explained: Difference Between Dark Web, Deep Net, Darknet and More
- Explained: If I Reset Windows 10 will it Remove Malware?
My name is Dennis Faas and I am a senior systems administrator and IT technical analyst specializing in cyber crimes (sextortion / blackmail / tech support scams) with over 30 years experience; I also run this website! If you need technical assistance , I can help. Click here to email me now; optionally, you can review my resume here. You can also read how I can fix your computer over the Internet (also includes user reviews).
We are BBB Accredited
We are BBB accredited (A+ rating), celebrating 21 years of excellence! Click to view our rating on the BBB.