Because of these findings, Energizer stops the marketing of rechargeable battery products.
A trojan reportedly threatened a user’s computer using a USB rechargeable battery Energizer Duo. The existence of Trojan is successfully detected thanks to the analysis of the computer security firm Symantec.
According to Symantec, the trojan is started there since May 10, 2007, and has been active for about three years to infect Windows computers. Trojans can be entered into the computer through software that is used for the Energizer rechargeable batteries.
Trojan is a program that operates clandestinely in a computer, and provides a gap for another computer to access the computer remotely contaminated.
The findings of this trojan makes the Energizer to announce the cessation of product marketing rechargeable batteries and move the site that provides software downloads for rechargeable batteries. Energizer even appealed to consumers to uninstall the software version of Windows that has them download.
Energizer does not explain how a backdoor trojan get into the software. However, according to US-CERT (computer security agency official U.S.), the software installer for the rechargeable battery Energizer Duo UsbCharger.dll put a file in the directory and file applications on Arucer.dll Windows system32 directory.
When UsbCharger execute software, the software components using UsbCharge.dll, UsbCharger.dll execute Arucer.dll, and configure Arucer.dll to execute automatically when Windows starts up.
The problem is a backdoor Arucer.dll (entrance) which allows a remote system is not authorized, access to the computer through TCP port 7777.
“The attacker will be able to control the system remotely, including the ability to gather a list of directories, send and receive files, and execute the program,” said US-CERT.
To counteract this trojan, the user can go to the Windows system32 directory, then delete Arucer.dll. But the system needs to restart before it officially files deleted. Alternatively, users can get rid of the overall UsbCharger software.
Arucer.dll will remain stored in the system32 directory, Tapu mechanisms to execute code DLLs will not be there anymore. The last, is blocking access to [port] to connect 7777/tcp outside the backdoor can be avoided.