March 8, 2010 9:10 AM PST

Backdoor found in Energizer Duo USB battery charger

by Elinor Mills

Software that can be downloaded for use with the Energizer Duo USB battery charger contains a backdoor that could allow an attacker to remotely take control of a Windows-based PC, Energizer and US-CERT are warning.

"The installer for the Energizer Duo software places the file UsbCharger.dll in the application's directory and Arucer.dll in the Windows system32 directory," the U.S. Computer Emergency Readiness Team said in an advisory on Friday. "Arucer.dll is a backdoor that allows unauthorized remote system access via accepting connections on 7777/tcp. Its capabilities include the ability to list directories, send and receive files, and execute programs."

The Windows software was made available via a download with the Energizer Duo Charger, Model CHUSB, Energizer said in a statement.

The battery maker said it does not know how the Trojan got into the software. "Energizer has discontinued sale of this product and has removed the site to download the software," the statement said. "Energizer is currently working with both CERT and U.S. government officials to understand how the code was inserted in the software."

For systems with the software installed, US-CERT recommends removing the Energizer Duo software and Arucer.dll file, as well as blocking access to port 7777 via network perimeter devices or firewall software.
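
The two indicators named in the advisory (the Arucer.dll file and a listener on 7777/tcp) can be checked on a host as shown below. This is an added example, not code from US-CERT, Energizer, or the article; it assumes an elevated PowerShell session on Windows 8 / Server 2012 or later, and the SysWOW64 check and the `-Block` switch are additions that the advisory text quoted here does not mention.

```powershell
# Added example: triage a Windows host for the indicators quoted from the advisory.
# Usage (elevated):  .\Check-Arucer.ps1          -> report only
#                    .\Check-Arucer.ps1 -Block   -> also add a host firewall block rule
param([switch]$Block)

$dllName = 'Arucer.dll'   # file name from the advisory
$port    = 7777           # listener port from the advisory

# 1. Look for the DLL. On 64-bit Windows a 32-bit installer's writes to system32
#    are redirected to SysWOW64, so both directories are checked (assumption:
#    the advisory text on this page only names system32).
$dirs  = @("$env:SystemRoot\System32", "$env:SystemRoot\SysWOW64") |
         Where-Object { Test-Path -LiteralPath $_ }
$found = foreach ($d in $dirs) {
    $p = Join-Path $d $dllName
    if (Test-Path -LiteralPath $p) { Get-Item -LiteralPath $p -Force }
}

# 2. Look for anything listening on 7777/tcp and identify the owning process.
#    Other software may legitimately use this port, so the report also says
#    whether the owning process has the DLL loaded.
$listeners = Get-NetTCPConnection -State Listen -LocalPort $port -ErrorAction SilentlyContinue
$report = foreach ($l in $listeners) {
    $proc = Get-Process -Id $l.OwningProcess -ErrorAction SilentlyContinue
    # Reading the module list can fail for protected processes; treat that as unknown.
    $mods = try { $proc.Modules } catch { $null }
    [pscustomobject]@{
        LocalAddress = $l.LocalAddress
        LocalPort    = $l.LocalPort
        ProcessId    = $l.OwningProcess
        ProcessName  = $proc.Name
        LoadsDll     = [bool]($mods | Where-Object { $_.ModuleName -ieq $dllName })
    }
}

# 3. Report.
if ($found) {
    Write-Warning "$dllName is present on this host:"
    $found | Format-Table FullName, Length, LastWriteTime -AutoSize
} else {
    Write-Output "$dllName not found in: $($dirs -join ', ')"
}

if ($report) {
    Write-Warning "A process is listening on $port/tcp:"
    $report | Format-Table -AutoSize
} else {
    Write-Output "Nothing is listening on $port/tcp."
}

# 4. Optional mitigation: block inbound 7777/tcp at the host firewall.
#    The rule name is a constructed label for this example.
if ($Block) {
    $ruleName = "Block inbound $port/tcp (Arucer advisory)"
    if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
        New-NetFirewallRule -DisplayName $ruleName -Direction Inbound `
            -Protocol TCP -LocalPort $port -Action Block | Out-Null
        Write-Output "Created firewall rule: $ruleName"
    } else {
        Write-Output "Firewall rule already present: $ruleName"
    }
}
```

The firewall rule only limits exposure; it does not replace removing the Energizer Duo software and the DLL as US-CERT recommends.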

The Trojan may have been in the software since it was first offered three years ago, according to Symantec.

"We were interested in finding out how long this file had been available to the public. The compile time for the file is May 10, 2007. It is impossible to say for sure that this Trojan has always been in this software, but from our initial inspection it appears so," Symantec wrote in a blog post. "The Trojan still operates whether this device is found or not, so a USB charger doesn't need to be plugged in for the Trojan to be functioning."

If the Trojan does date back to 2007, that is around the same time that there was a rash of products like digital photo frames hitting U.S. shelves infected with malware, said Marcus Sachs, director of the SANS Internet Storm Center.

"This may simply be from that time frame when all the factories in China were not clean and many were putting malware onto stuff, not intentionally but because the hygiene wasn't good," he said in an interview on Monday.

"Who knows where the server (hosting the software) is located," he said. "It could have been exposed to the unclean conditions that were rampant there."

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.
by globalist_agenda March 8, 2010 9:44 AM PST
All you people's stop picking on China. China good. China no spy on Americans. China just poor people trying to make buck. China not steal company trade secrets. China not hack into governments. China not triple People's Liberation Army budget with ill-gotten loot.
Reply to this comment 19 people like this comment
by Lerianis4 March 8, 2010 10:25 AM PST
wangbang, he is actually right on the head here with what China is saying.... which is a PACK OF LIES! It's time to realize that China is an evil country and stop doing business with them or insisting that anything high tech from China is screened for trojans and other nasty **** before it comes out of that country.
11 people like this comment
by Jonathan March 8, 2010 12:32 PM PST
And China love you long time. :P
5 people like this comment
by Jonathan March 8, 2010 12:51 PM PST
"China is an evil country"

*sighs* That is such an insane comment it borders on the retarded. You want to point fingers point them at the leadership. The people of China are neither good nor bad. They are simply citizens. I'm certain that if you talked to your average Chinese citizen they would say that Americans are evil incarnate in how we force our ways on other cultures. Or bully other countries. Everyone has their own take on everyone else. But that said. Yes. The leadership in China is pretty damn fracked up. As it was with Bush. The difference is we have at least some control of who runs our country....some. China? Whatever.
1 person likes this comment
by masajo928 March 8, 2010 8:18 PM PST
This might explain things better...

60 Minutes: Stealing America's Secrets

http://www.cbsnews.com/video/watch/?id=6252949n&tag=cbsnewsMainColumnArea.5
1 person likes this comment
by n3td3v March 8, 2010 9:54 AM PST
These are domestic appliances, what the government should be more worried about is appliances used for industrial use.

I would be less concerned about battery chargers and photo frames that we gave our next of kin retired couples in Christmas stockings, they are small fry.

What we should be looking at is, how have state intelligence agencies managed to infiltrate the national grid and multi-national corporations.

What I think battery chargers and photo frames, they just don't seem as a top priority to be overly concerned about.

However, electronics used in industry we should be worried about.

A back door in a router is going to be more worth while for intelligence agencies, than getting an insider to plant code in a domestic photo frame.

The photo frame issue and the battery charger are more likely to be the work of serious organised crime gangs than state actors.

Marcus blatantly doesn't know what he is talking about for mentioning China without any proof, the most powerful serious organised crime gangs are in Russia, Europe and America.

By mentioning China, he seems to be suggesting state involvement, that just simply isn't what's going on with battery chargers and photo frames, it's the work of serious organised crime gangs looking to take personal data, bank info to sell to fund bigger crime operations out in the real world away from cyber.

The serious organised crime gangs only use cyber to fund their real life criminal activities.

There simply is no conspiracy here of government involvement, it's irrational, irresponsible and shows Marcus hasn't researched what he is talking about properly.
Reply to this comment 4 people like this comment
by celticbrewer March 8, 2010 10:28 AM PST
He didn't mention or suggest a conspiracy- only the FACT that similar malware was loaded onto other consumer devices from a production line in China. He also stresses that it may "not (be) intentionally but because the hygiene wasn't good"

The issue here is that items are infected before hitting the store shelf, and not by end-user error. This is a big deal because if it can happen to a photo frame or USB charger, then what's to stop it from happening to those "industrial" appliances you're so worried about?
6 people like this comment
by cbs16 March 8, 2010 11:06 AM PST
The author mentions China because the trojan was written in Chinese (http://www.kb.cert.org/vuls/id/154421).

Why do you assume there was an intimation that there was government involvement? It would appear that in your sensitivity to suggestion that Chinese were involved, you make the exact same mistake you accuse others of. By assuming "Chinese" == "Government" then you also indicate that any offense made by a Chinese national is in the name of the government. Makes no sense, does it?
6 people like this comment
by SumDuud March 8, 2010 11:47 AM PST
Sadly you are mistaken. If you ever take a walk though the cube farms at high end military installations, you would be surprised at how many digital picture frames you see on people's desks, often attached to their computers. These are government issues computers, potentially with access to classified (and higher level clearance) documents. This threat is very real.
5 people like this comment
by Mergatroid Mania March 8, 2010 12:17 PM PST
@n3td3v

Man, go back and reread the article again. Think you missed something? Like where Marcus specifically states that the infections are caused by factories that had poor security measures? Man, time to go work on your reading comprehension. I believe the entire point to mentioning the Chinese is that this item was manufactured in their factories.

I'm afraid it's not Marcus who doesn't know what he's talking about.
3 people like this comment
by Button Boy March 8, 2010 12:18 PM PST
This is not small fry when it happens to you. When you send that picture frame to your parents so they can have pictures of the grandkids on their mantle, you may have just given all your accounting information to China.com. Congratulations.
3 people like this comment
by wirelesscaller March 9, 2010 5:37 PM PST
Remote access means they can then remove security ware or give exceptions to more harmful ware and convert that computer into a bot. Most attacks are done by harvesting a lot of bots and launching attacks in this fashion. Using bots in the US allows them to attack with a much higher bandwidth without having to deal with the bottleneck of networks between nations. Identity theft affects individuals, but groups of bots can affect companies and nations, this is a potential threat and it may or may not have been done by either a group of people, organized crime, or government any of which doesn't matter it shouldn't have gotten past quality control in the first place.
by mikeburek March 8, 2010 10:26 AM PST
Thanks for the report.
Reply to this comment 6 people like this comment
by cloudmatt March 8, 2010 12:48 PM PST
+1
Cnet needs to hear this from time to time.
4 people like this comment
by alskiontheweb March 8, 2010 10:34 AM PST
Now I know why that damn bunny is always smiling....he just got your credit card and bank account numbers!
Reply to this comment 15 people like this comment
by Joe Real March 8, 2010 10:43 AM PST
Thanks to our executives who wanted to outsource everything to China. Of course, Chinese people did not miss any opportunity of inserting whatever malware they can cram unto the firmware and hardware. If your computer has a chip that came from China and abroad, or your computer has passed through China, then it is 100% contaminated with malware. So you love to buy pirated products that have been cracked by the Chinese? That too has all the insidious malwares.

But let us not forget the greatest bloatware and malware of all time... right here under our noses.
Reply to this comment 5 people like this comment
by Mergatroid Mania March 8, 2010 12:19 PM PST
So, every IC manufactured in China is infected? Got any proof of that statement? I think you're full of $hit myself.
2 people like this comment
by Outside_Looking_In March 8, 2010 10:49 AM PST
I know you're all tired of hearing about it but.... I love my Mac!
Hate if you must...
Reply to this comment 4 people like this comment
by solitare_pax March 8, 2010 11:52 AM PST
Sadly, most Apple products are made in China too.

Apple enforces better "hygiene" there (and cuter workers if you saw the iPhone girl...)
8 people like this comment
by Mergatroid Mania March 8, 2010 12:23 PM PST
Yeah, like DUH. Apples are manufactured in China as well. You know, Chinese factories where all sorts of things can happen, like factory workers being killed?

I don't know about anyone else, but I would gladly clean some malware off of my PC if it meant the Apple factory worker who was killed could be brought back to his family.

Moron.....
2 people like this comment
by Outside_Looking_In March 8, 2010 2:33 PM PST
Um, ya... I full well know where my Mac was made. My point was to drive home the malware problem! Silly rabbit! If Macs were manufactured here, they'd be less affordable and there would be more whining about them being overpriced! And one more thing- Americans don't get killed in factories??? Give me a break!
1 person likes this comment
by baconstang March 8, 2010 3:46 PM PST
A USB battery charger? Man that just sucks. Seriously, I feel sorry for you guys, and for all my friends that use Windows... both of them.
by baconstang March 8, 2010 3:54 PM PST
Americans die in factories when some yahoo loses it and sprays his coworkers with his 2nd Amendment.
2 people like this comment
by zyxxy March 8, 2010 5:05 PM PST
Americans die in factories when some greedy manager removes the safety equipment so service downtime is reduced. Americans die in factories when production lines are sped up beyond what the line workers can cope with. Americans die in factories where material safety sheets are not properly posted and approved protective gear is not maintained or present. Try to keep your desk job, because the factory floor is not the most pleasant place in the world.
3 people like this comment
by wirelesscaller March 9, 2010 5:54 PM PST
Macs are more vulnerable to exploits, they don't run security ware, they patch slowly, and are the first systems cracked in security competition, your point?
1 person likes this comment
by poetfreak March 8, 2010 10:51 AM PST
This is just one of many ways that China is using computers to spy and steal from us. Once, a fluke. but three confirmed massive privacy attacks in the last 90 days. Is anyone else paying attention???? Where the f*(k is our homeland security now? Oh, spreading bull so we can kill for oil in the middle east while China is poisoning our toothpaste, our pdfs, our chms, our electronics and building towards our complete demise.

And even though this is consumer electronics... you know how powerful even 900 computers working together are??? as tough as any single computer on our planet. And I bet it was WAY more than 900... and for how long before we discovered? How many have we missed??? Yet how many companies are hiring them to build our drivers. MORONS!

Greed and foolish optimism will be the death of us.
Reply to this comment 6 people like this comment
by n3td3v March 8, 2010 11:15 AM PST
@Joe Real @poetfreak

America is doing the same to the rest of the world,

America has just managed to fine tune its propaganda machine against China, so that you gullible people keep ranting about China being evil against everyone under news articles and to your friends.

Think for yourself for once and stop being sucked in to what you read in news articles.

If China are doing it, then America are doing it as well and many other countries besides.
Reply to this comment 2 people like this comment
by Mergatroid Mania March 8, 2010 12:32 PM PST
Uh, the American, Canadian, English and other western governments do not control our media because we live in the West You know, the countries with a FREE people and FREE PRESS? Where we're not told who to vote for. Where we don't poison all the people living in a village by installing a factory too close and allowing them to pollute all the drinking water.

n3td3v I've seen all the pro China propaganda you spout off here. You actually believe our press doesn't do a better job keeping our governments in check than ....oh wait, there is no one in China to keep the Chinese government in check, is there?

So, who's more likely to spout the propaganda, the Chinese government with no checks and balances, or Western governments with a free press?

Don't even answer, I already know what you'll say. Just don't expect me to believe it.
2 people like this comment
by Renegade Knight March 8, 2010 12:56 PM PST
@ Mergatroid Mania

You funny. You said "free" in the same country that passed the patriot act. The most anti patriotic piece of freedom restricting legislation to hit the books in some time.
by n3td3v March 8, 2010 1:27 PM PST
"American, Canadian, English and other western governments do not control our media because we live in the West You know, the countries with a FREE people and FREE PRESS?"

I'm not sure if this was supposed to be a joke or not but I sure did laugh.

They control everything.

So free that even your Cnet comments are now sitting on a signals intelligence database, so free your mobile phone calls are being listened into.

So free your DNA is taken even if you've only been held in custody but released without charge.

So free that your movements are watched on CCTV cameras and everytime you use a swipe card on the tube, bus or use a cash machine, or buy something.

So free you are being full body scanned at airports, the list goes on.

Protesters are harassed, monitored or even killed, like what happened in London with the G20 protests: http://www.guardian.co.uk/world/2009/apr/02/g20-protests-man-dies-london

BBC News is funded by mandatory TV licence and is enforced by the government, we are threatened if we don't pay, and even jailed.

And you only ever hear certain things on BBC News, there are some things that are never broadcast, like the gag by MI6 not to allow the release of forensic evidence into the suspicious death of the weapons expert Dr David Kelly for 70 years: http://www.dailymail.co.uk/news/article-1245599/David-Kelly-post-mortem-kept-secret-70-years-doctors-accuse-Lord-Hutton-concealing-vital-information.html never mentioned on BBC News or Sky News.

Free my backside, start living in the real world instead of reading news articles all your life on the internet.

You've got to ask yourself why certain things aren't appearing on the main stream news channels, there is no proof government agents work in the news rooms, but yeah.

Media everywhere just has a feel of being suspiciously controlled, you never get a media outlet being fair to every side of everything.

There is always media outlets that are for or against one side or the other in their reporting, there is no such thing as free media, anywhere, and there is certainly no such thing as a free country.
1 person likes this comment
by wirelesscaller March 9, 2010 5:57 PM PST
Gee I can't remember the last time a protester was ran over by a tank and the government censored the search for it in the US, can you?
by clamenza March 8, 2010 11:21 AM PST
Iranians found out the hard way Nokia-Siemens helped the Iran government build backdoors in telecom equipments.

Yahoo and Google among others helped China build the great firewall.

Money's the problem here, naive Americans.
Reply to this comment 1 person likes this comment
by Mergatroid Mania March 8, 2010 12:35 PM PST
Money's always been a problem, where have you been for the last several thousand years?

The big problem here is the mix of greed and a corrupt Chinese government. Also the fact that there is no watchdog or anyone to rein them in. Nothing to stop them from doing whatever they want.

Americans aren't naive, just greedy.
1 person likes this comment
by March 8, 2010 11:54 AM PST
There is a war coming with China over Taiwan and the balance of power as the USA and the BRIC nations juggle for hegemony and economic, social, military dominance. Some of the first shots have already been fired with scoping out breaches in our electrical grid. Diesel sub production is up and specific "sunfire" carrier killer missiles are ready should we enter the Straits of Taiwan under our mutual aid treaty.

Simply stop buying from them. Don't trade with them and get that laser defense up to stop their 40 ICBMs from hitting the west coast. We have simply been building up our most likely competitor and next enemy with our own dollars and borrowing from them to fund our surplus.

but American sheep will never see this as the education system has fallen in stature just as our nation and its abilities have.
Reply to this comment 3 people like this comment
by Mergatroid Mania March 8, 2010 12:41 PM PST
40 ICBMs? You sure about that? Because that's pretty laughable. I would expect them to have a lot more than 40 ICBMs. If 40 is all they have, they wouldn't dare launch them. The U.S. alone could launch a couple thousand back, and some of those with multiple warheads.

You can have fun telling us about all the weapons you know about on each side, but it's the ones you don't know about that will actually be winning any war, and the U.S. has been at the "secret atomic plus age weapons game" a lot longer than China has.

Of course China couldn't get started on that until they finished stealing all the tech from the west. At least all the tech we let them steal.
by Jonathan March 8, 2010 12:42 PM PST
Yah you go ahead and tell Walmart, Best Buy, Sears, JC Penny's, Toys R US, Target, etc to stop selling stuff from China and get back to us on the results. They would all have one lane of crap consisting of bed linens, shoe liners, and shower scrubbers.
The fact is anything that is based on electronics is based out of China. Period. This includes Apple, Dell, Gateway, HP, etc. There is NO, absolutely NO way in hell we will ever stop buying from China as long as Americans want their stuff cheap. And that is only things like shoes and such. If you want American brand TV's and such? Expect to be paying 3K for a TV instead of $700. Because you would have to start up an entire industry from scratch again to do that, and that will NOT happen.
2 people like this comment
by wirelesscaller March 9, 2010 6:07 PM PST
Why should they bomb us, our government used parts of the country for collateral for the loans, it would be like taking a dump on their lawn.
by saadasim March 8, 2010 12:03 PM PST
We buy junk from China and in return China buys junk (bonds) from US.
Everything is good.

Invest in gold and don't buy junk.
Reply to this comment 2 people like this comment
by March 8, 2010 12:36 PM PST
What is the point of installing software for a battery charger?
Reply to this comment 6 people like this comment
by satcomer March 8, 2010 2:00 PM PST
I was thinking the same thing.
by Renegade Knight March 8, 2010 2:44 PM PST
I suspect to give you some monitoring ability on your charger, its status, and the state of the battery. Potentially to let you control the hardware (though that doesn't look like it's advanced enough to offer this feature).
1 person likes this comment
by krypter March 8, 2010 2:34 PM PST
Eagerly looking forward to the day all our appliances can be set to KILL by a Chinese bureaucrat or bored 14-year-old American hacker.
Reply to this comment 2 people like this comment
by n3td3v March 8, 2010 3:38 PM PST
The 14 year old American hacker will be accused of being a Chinese hacker from a Chinese military university though in the media.

We'll never get to find out the hacker was American or 14.

And Hillary Clinton will be around for the political back up speech to make it all sound believable for CNN and Fox News viewers.
by EvanSei March 8, 2010 7:42 PM PST
a battery charger? Really? I thought that at least the little things would be safe, but no....sigh.
Reply to this comment 1 person likes this comment
by richard993 March 9, 2010 2:53 AM PST
There are a number of issues... but the primary issue here is that the outsourcing model is not working. It doesn't matter if it is China, India, Pakistan, Korea or even the moon. The minute you start cutting corners to save a couple bucks by hiring cheap skilled labour, you are putting yourself and your customers at risk.

Now if you are employed by a manufacturer and you develop drivers for the manufacturer, but they pay you a very low wage and you cannot support your family, the thought of taking a small bribe of $10,000US (which could be a year or two worth of wages) is looking a lot more attractive to that person than the person who is reasonably paid and under good working conditions. Furthermore, if the government does not take these crimes seriously enough, then the penalty becomes negligible compared to the reward.

I have come across various drivers from various hardware vendors (all from overseas) which also have had trojans embedded in them. All I can say to these hardware vendors is: tough. Saving a couple thousand dollars will cost you millions in loss of reputation and lawsuits.
Reply to this comment 2 people like this comment
by weegg March 9, 2010 6:50 AM PST
Any gov't that filters and controls information and uses the internet to spy on their citizens is evil. Oh wait.....damn.
Reply to this comment