Energizer Duo USB battery charger has a backdoor

Software for the Energizer Duo USB battery can be pretty dangerous – after all, it comes with a backdoor that potentially enables an attacker to remotely take control of a Windows-based computer. Good to know that Energizer and US-CERT (U.S. Computer Emergency Readiness Team) are aware of the situation and has issued a warning to the masses, with the latter stating that “The installer for the Energizer Duo software places the file UsbCharger.dll in the application’s directory and Arucer.dll in the Windows system32 directory. Arucer.dll is a backdoor that allows unauthorized remote system access via accepting connections on 7777/tcp. Its capabilities include the ability to list directories, send and receive files, and execute programs.” Energizer on their part has discontinued sale of this product, while removing the site to download the software as investigations are ongoing as to how this Trojan code managed to get into the software in the first place.