Energizer USB charger infected with Trojan

less than 1 minute read

Hmmm. A new vector for malware: USB battery chargers. Wonderful.

The U.S. Computer Emergency Response Team (CERT) is warning that Energizer DUO USB battery chargers have been found infected with a Trojan that loads backdoor malware on a victim PC along with its battery monitoring software.

The charger copies a .dll file named UsbCharger.dll in the application’s directory and another named Arucer.dll in the Windows system32 directory. USBCharger sets a registry entry to autoexecute Arucer.dll when Windows starts.

Arucer.dll is a backdoor that communicates through TCP port 7777.

The charger has been sold worldwide for three years.

CERT notes that the Trojan contains Chinese language text.

Sunbelt detects it as Trojan.Arugizer.

CERT Vulnerability Note VU#154421 here.

PCWorld news story here. 

Leave a comment