Trojans spread via Energizer battery charger, say researchers

The Energizer DUO, a USB-powered nickel-metal hydride battery recharger, has been discontinued, said Energizer Holdings. Researchers at US-CERT (United States Computer Emergency Readiness Team)discovered the security flaw but have yet  ascertain how the Trojan made its way into the software.

"Energizer is currently working with both CERT and U.S. government officials to understand how the code was inserted in the software," Energizer said in a statement.

The Windows software included with the charger is designed to show battery-charging status. When the software is installed, it creates the file "Arucer.dll," which is actually a Trojan that listens for commands on TCP port 7777. Upon instructions, the Trojan can download and execute files, transmit files stolen from the PC, or tweak the Windows registry. The Trojan automatically executes each time the PC is turned on, and remains active, even if the Energizer charger is not connected to the machine.

Energizer said it has removed the software from its download site, and added that although it had offered similar software for Mac OS X, only the Windows version had been infected.

This isn't the first time a piece of hardware is blamed for the spread of malware among unsuspecting users. In 2007, Seagate Technology admitted that an unknown number of its hard drives left an Asian manufacturing plant with Trojan horses, while the year before that Apple warned iPod owners that some of the music players carried a Windows virus.