If you’re using the Energizer Duo battery charger, and have connected it to your PC to check the charge levels of the batteries, you may have inadvertently exposed yourself to a program that could give hackers access to your computer. The charger has been discontinued, and Energizer recommends removing the software along with the file that enables the backdoor.
Energizer reports in a press release:
Energizer has discontinued sale of this product and has removed the site to download the software. In addition, the company is directing consumers that downloaded the Windows version of the software to uninstall or otherwise remove the software from your computer. This will eliminate the vulnerability. In addition CERT and Energizer recommend that users remove a file that may remain after the software has been removed. The file name is Arucer.dll, which can be found in the Window system32 directory.
Energizer is currently working with both CERT and U.S. government officials to understand how the code was inserted in the software.
CERT (the U.S. government’s Computer Emergency Readiness Team) provides more tips, including changing firewall rules that could allow access to your computer.
Software-vendor Symantec also has some advice, and warns that the exploit may have been out there for a while — and also speculates that the code was included by the developer who built the software installer for Energizer:
The fact that the temp file created by one of the commands has the prefix “liu” is interesting, since the name “Liu hong” appears elsewhere in the code. Not only that, but other programs that are part of the installation package for the USB Charger software also take in the parameter “-liuhong”. Could it be that he was the creator of the installation package?
We were interested in finding out how long this file had been available to the public. The compile time for the file is May 10, 2007. It is impossible to say for sure that this Trojan has always been in this software, but from our initial inspection it appears so.
Although Energizer has discontinued this product, if you’re really into watching batteries charge in real-time, the company is releasing a new program that will allow you to watch paint dry via a webcam. Just kidding.
US-CERT Vulnerability Note VU#154421 [CERT]
Energizer Announces Duo Charger and USB Charger Software Problem [Energizer Press Release]
Back Door Found in Energizer DUO USB Battery Charger Software [Symantec]