The United States Computer Emergency Readiness Team (US-CERT) issued a new vulnerability note. However, this particular “vulnerability” concerns a rather unusual product—a USB charger for rechargeable batteries.
The Energizer DUO is a charger for two AA or AAA batteries that can be plugged into USB ports. While no software is needed to use the charger, Energizer did provide an application that would display the charge level of the batteries inserted into the charger.
However, the said application goes far beyond that. It also includes a backdoor detected by Trend Micro as BKDR_ARUGIZER.A. This particular backdoor opens port 7777 to incoming connections, allowing it to receive various commands from remote users. Among the possible commands are to:
- Download and execute files
- Delete files on affected systems
- Upload files from affected systems to a server
While this backdoor does have routines that could cause significant problems, it is not yet clear if these were actually used. Energizer already released an official statement on the issue, announcing the discontinued sale of the charger in question. It is likewise currently working with the US-CERT and U.S. government officials to understand how the code was inserted into the software.
Trend Micro™ Smart Protection Network™ already protects product users from these threats by detecting and preventing the file’s execution on affected systems via the file reputation service.
Non-Trend Micro product users, on the other hand, can use free tools like HouseCall, which identifies and removes various viruses, Trojans, worms, unwanted browser plug-ins, and other malware from affected systems.