Friday, September 10, 2010

News Feed Comments
You are here: Home / Technology / Tech News / Newest Virus Threat To Your PC Comes From a Battery Charger

Newest Virus Threat To Your PC Comes From a Battery Charger

March 9, 2010 by admin  
Filed under Tech News

Leave a Comment

It’s well known that digital photo frames can carry malware that can infect a PC, or at least, it should be. How about a battery charger?

The U.S. Computer Emergency Readiness Team (US CERT) cautioned on Friday over a trojan in optional software that can be used with the Energizer DUO USB battery charger. The Windows application, which allows users to view battery charging status, actually contains a Trojan that can allow an attacker to remotely control a Windows PC.

US CERT says:

The installer for the Energizer DUO software places the file UsbCharger.dll in the application’s directory and Arucer.dll in the Windows system32 directory. When the Energizer UsbCharger software executes, it utilizes the UsbCharger.dll component for providing USB communication capabilities. UsbCharger.dll executes Arucer.dll via the Windows rundll32.exe mechanism, and it also configures Arucer.dll to execute automatically when Windows starts by creating an entry in the HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run registry key.

Arucer.dll is a backdoor that allows unauthorized remote system access via accepting connections on 7777/tcp. [...] An attacker is able to remotely control a system, including the ability to list directories, send and receive files, and execute programs. The backdoor operates with the privileges of the logged-on user.

The software has been offered for three years. It is unclear how long the malware was in the program’s download. If it was in the code in 2007, that was when a number of infected consumer products, including the aforementioned digital photo frames, were coming out of China.

Marcus Sachs, director of the SANS Internet Storm Center said:

“This may simply be from that time frame when all the factories in China were not clean and many were putting malware onto stuff, not intentionally but because the hygiene wasn’t good. Who knows where the server (hosting the software) is located. It could have been exposed to the unclean conditions that were rampant there.”

Related posts:

  1. iPhone Icon Battery Pack Charger looks cool
  2. Virus (free) in Vodafone handset!
  3. Windows 7 Battery Error Messages Not Our Problem: Microsoft
  4. Vodafone Handsets with Free Virus for Users
  5. Siemens finds a German victim of cyber-attack

Tags:

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!