The US-CERT has warned the public that the software sold alongside the Energizer DUO USB battery charger may infect PCs with a Trojan virus.
Just recently, the Department of Homeland Security has announced that the Energizer Bunny contaminates PCs with malware infection. This announcement was backed by studies done by the researchers at US-CERT. US-CERT stands for United States Computer Emergency Readiness Team. The software that comes with the Energy DUO USB charger contains a Trojan horse. This means that a Windows PC becomes fodder to a lot of hackers out there, once this software is installed.
Energizer Holdings, manufacturer of the Energizer DUO USB-powered battery recharger, has confirmed the discontinued use of the aforementioned product, affirming furthermore that the software has been infected with malware. The DUO is actually a nickel-metal hydride recharger and is powered by a USB. Nonetheless, Energizer Holdings has remained quiet as to how the Trojan malware might have found its course into the software. They have released an official statement saying that Energizer is presently at work with the U.S. government and CERT researchers, in an attempt to find out which may have caused the infection or how the code may have been introduced into the software.
Beginning 2007, Energizer DUO was already sold and marketed in Europe, Asia, and the North American and Latin American markets.
How the trojan operates
The Windows software that comes with the battery charger is meant to display the charging status of the battery. In this case however, the file “Arucer.dll” is created once the software is installed in the charger. The file is in reality a trojan that works on command through TCP port 7777. Once instructions have been given, the trojan is able to download files and to execute them accordingly, spread files obtained from the PC, and even alter the Windows registry. The trojan executes every time the computer is powered on. It furthermore remains active, and does not need the Energizer charger to be connected to the computer for it to maintain its activities.
Users urged to uninstall
Due to the menace brought about by the trojan, users who have already installed the Energizer software into their PCs are urged by the US-CERT personnel to uninstall it without delay. Uninstalling the software leads to the immediate execution of the trojan, so that hacking is no longer possible. Another way to terminate the infection is by removing the Arucer.dll from Windows’ “system32″ directory, after which the machine will need to be rebooted.
Advisories about the trojan in Energizer DUOs have been published by US-CERT and Symantec. Also, Energizer has released a statement saying that the software is no longer downloadable from its website.