March 08, 2010

Energizer software found to open backdoor

An application that allows users to view the battery charging status of the Energizer DUO USB charger contains a vulnerability that could enable an attacker to install malware on Windows machines.

The flaw, disclosed Friday by US-CERT in a note, involves Arucer.dll, a backdoor trojan that permits unauthorized remote system access through TCP port 7777.

The trojan runs each time the computer starts and listens for commands over the port, according to a Symantec blog post on Friday.

"An attacker is able to remotely control a system, including the ability to list directories, send and receive files and execute programs," the note said. "The backdoor operates with the privileges of a logged-on user."

A VirusTotal report from early Monday showed that less than 25 percent of anti-virus solutions were detecting the backdoor.

Energizer is aware of the problem and is trying to learn how the software was tampered with, according to a news release.

"Energizer has discontinued sale of this product and has removed the site to download the software," the company said. "In addition, the company is directing consumers that downloaded the Windows version of the software to uninstall or otherwise remove the software from your computer. This will eliminate the vulnerability.

Similar Articles
Related Topics
Related Links

More in News

Privacy-bolstering "Apps Act" introduced in House

The bill would provide consumers nationwide with similar protections already enforced by a California law.

Microsoft readies permanent fix for Internet Explorer bug used in energy attacks

Microsoft is prepping a whopper of a security update that will close 33 vulnerabilities, likely including an Internet Explorer (IE) flaw that has been used in targeted website attacks against the U.S. government.

Weakness in Adobe ColdFusion allowed court hackers access to 160K SSNs

Up to 160,000 Social Security numbers and one million driver's license numbers may have been accessed by intruders.