
    Archive for March 8th, 2010




    The United States Computer Emergency Readiness Team (US-CERT) issued a new vulnerability note. However, this particular “vulnerability” concerns a rather unusual product—a USB charger for rechargeable batteries.

    The Energizer DUO is a charger for two AA or AAA batteries that can be plugged into USB ports. While no software is needed to use the charger, Energizer did provide an application that would display the charge level of the batteries inserted into the charger.

    However, the application goes far beyond that. It also includes a backdoor detected by Trend Micro as BKDR_ARUGIZER.A. This particular backdoor opens port 7777 to incoming connections, allowing it to receive various commands from remote users. Among the possible commands are to:

    • Download and execute files
    • Delete files on affected systems
    • Upload files from affected systems to a server

    While this backdoor does have routines that could cause significant problems, it is not yet clear if these were actually used. Energizer already released an official statement on the issue, announcing the discontinued sale of the charger in question. It is likewise currently working with the US-CERT and U.S. government officials to understand how the code was inserted into the software.

    Trend Micro™ Smart Protection Network™ already protects product users from these threats by detecting and preventing the file’s execution on affected systems via the file reputation service.

    Non-Trend Micro product users, on the other hand, can use free tools like HouseCall, which identifies and removes various viruses, Trojans, worms, unwanted browser plug-ins, and other malware from affected systems.
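
    Because the backdoor described above accepts incoming connections on port 7777, a quick host-side check is to look for a local listener on that port. The following is an added example, not code from Trend Micro or US-CERT; it assumes the text comes from the Windows `netstat -ano` command, and the sample output and the function name `find_port_activity` are constructed for illustration.

```python
import re

BACKDOOR_PORT = 7777  # port the post says BKDR_ARUGIZER.A opens

# Constructed sample of Windows `netstat -ano` output (not from a real host).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       868
  TCP    0.0.0.0:7777           0.0.0.0:0              LISTENING       2312
  TCP    192.168.1.20:49731     203.0.113.5:7777       ESTABLISHED     4100
  TCP    192.168.1.20:7777      198.51.100.9:51522     ESTABLISHED     2312
  TCP    [::]:7777              [::]:0                 LISTENING       2312
  UDP    0.0.0.0:7777           *:*                                    1500
"""

# TCP rows only: local addr:port, remote addr:port, state, owning PID.
ROW = re.compile(
    r"^\s*TCP\s+(?P<local>\S+):(?P<lport>\d+)\s+"
    r"(?P<remote>\S+):(?P<rport>\d+)\s+(?P<state>[A-Z_0-9]+)\s+(?P<pid>\d+)\s*$"
)


def find_port_activity(netstat_text, port=BACKDOOR_PORT):
    """Return (listeners, inbound): sockets listening on `port` and
    established connections whose *local* end is `port`."""
    listeners, inbound = [], []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m or int(m["lport"]) != port:
            continue  # header, UDP row, or an outbound connection to a remote 7777
        entry = {"local": m["local"],
                 "remote": f'{m["remote"]}:{m["rport"]}',
                 "pid": int(m["pid"])}
        if m["state"] == "LISTENING":
            listeners.append(entry)
        elif m["state"] == "ESTABLISHED":
            inbound.append(entry)
    return listeners, inbound


if __name__ == "__main__":
    listeners, inbound = find_port_activity(SAMPLE_NETSTAT)
    for e in listeners:
        print(f"LISTENING on {e['local']}:{BACKDOOR_PORT} (PID {e['pid']})")
    for e in inbound:
        print(f"inbound connection from {e['remote']} (PID {e['pid']})")
```

    A listener on port 7777 is not proof of this backdoor, since other software can use the same port; the reported PID identifies the process to inspect with a scanner.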

     



    Spam about diet or weight loss plans has been around for ages now, mostly spreading through email. However, spammed messages recently made their rounds on Twitter, compromising unwitting users’ accounts and spreading via these infected accounts.

    Compromised Twitter accounts post Tweets that tell their followers to click the shortened link to try out a new diet/weight loss plan.

    Clicking the given link redirects users to possibly malicious websites that promote Acai Berry.

    Compromised accounts were possibly infected from previous Twitter spam runs previously featured in the following blog entries and are being used again for this new attack:

    As of this writing, Twitter is already aware of this latest spam attack and has taken the necessary corrective actions to prevent the spam from spreading further.

    Users are strongly advised to refrain from clicking the links contained in Tweets with similar messages even if they come from a known or a trusted user. On the other hand, users who think their accounts may be one of those that have been compromised should change their passwords as soon as possible.

    Trend Micro™ Smart Protection Network™ protects product users from this kind of attack by blocking user access to the malicious domains and other related sites.

    For Twitter users, follow @TrendMicro to get the latest security information and updates on how to stay protected from new and upcoming threats.

     



    Some time ago (February 25–26), the Anti-Malware Testing Standard Organization (AMTSO) had its first meeting this year. This time, it was hosted by McAfee and took place in Santa Clara, California.

    One of the hot topics during the meeting was related to the initiative to review reports published by testing and certification organizations/companies.

    How was this process designed? The Review Analysis Board (RAB) of the AMTSO receives initial requests, makes a decision to conduct a review, and coordinates the work of the Review Analysis Committee (RAC). The RAC comprises volunteer members that analyze reports against the organization’s existing nine principles. The AMTSO’s principles were agreed upon by its members—testers and antivirus vendors—and supported by the AMTSO’s academic advisors. The testing principles mainly refer to how published reports could be presented to their audiences.

    The review process does not, however, intend to prove if the right things were done but rather to review whether the things done were done right.

    As such, as long as a test report included an accurate description of how threat samples were gathered and validated, how tests were conducted, and how conclusions were made (including correct and fair communication among all parties involved in the testing), then the report may be deemed compliant with the AMTSO’s testing principles. The actual testing methodology used by a testing lab was not, itself, the subject of the review.

    Take, for instance, a highly innovative test like the one conducted by NSS Labs last year. This was reviewed based on how well the testing methods and conditions were described and whether the conclusions did follow the test results, regardless of the way the test was designed and its methodology.

    The AMTSO’s reviews neither intend to promote nor constrain innovation in anti-malware product testing methodology but to improve output quality.

     


     

    © Copyright 2011 Trend Micro Inc. All rights reserved.