Author |
Message |
david1
Member
|
# Posted: 11 Mar 2010 09:13
The US-CERT has detected a trojan in software bundled with Energizer's DUO USB Battery Charger.
Tuesday we reported that a Panda Security employee discovered three malware programs on his new HTC Magic phone. However, there was also another malware-related report on Tuesday as well, provided by the United States Computer Emergency Readiness Team (US-CERT). Like the HTC phone, malware was discovered in association with a new, trusted device.
According to the official report, the team discovered a trojan residing in software packaged with the Energizer DUO USB Battery Charger. Although the installer places a legitimate file into the application's directory, it also places Arucer.dll into the Windows system32 directory. The latter file has been classified as a backdoor trojan that allows unauthorized remote system access.
For users of Windows XP SP2 or later, the system's built-in firewall will prompt the user about the Energizer USB Charger software accessing the Internet. Naturally, unsuspecting consumers unblock the request, thus accepting connections on TCP port 7777 and leaving the PC open for hackers. "An attacker is able to remotely control a system, including the ability to list directories, send and receive files, and execute programs," the report reads. "The backdoor operates with the privileges of the logged-on user."
The US-CERT said that users can simply uninstall the Energizer USB Charger software; however, the Arucer.dll file will still remain in the Windows system32 directory until it is manually removed. But by uninstalling the software, users are removing the registry value that causes the backdoor to execute automatically when Windows starts, thus leaving Arucer.dll inactive.
Consumers wanting to run the software provided by Energizer could alternatively block access to TCP port 7777 in their firewall settings.
Source: http://www.tomsguide.com/us/Energizer-Battery-Charger-Trojan-Backdoor,news-6080.html
XZ
|
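As an added example (not part of the original post or of the US-CERT report): a small Python triage check for the two indicators the report names, Arucer.dll in the system32 directory and a listener on TCP port 7777. The netstat sample is constructed and the function names are illustrative.

```python
import os
import subprocess

BACKDOOR_DLL = "Arucer.dll"   # file name from the report quoted above
BACKDOOR_PORT = 7777          # TCP port from the same report

# Constructed sample of Windows `netstat -ano` output (not from a real host).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    0.0.0.0:7777           0.0.0.0:0              LISTENING       2412
  TCP    192.168.1.20:49777     203.0.113.5:443        ESTABLISHED     3100
  TCP    [::]:7777              [::]:0                 LISTENING       2412
"""

def listeners_on_port(netstat_text, port=BACKDOOR_PORT):
    """Return sorted PIDs that hold a LISTENING TCP socket on `port`."""
    pids = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or fields[0].upper() != "TCP":
            continue  # header, UDP or malformed line
        local, state, pid = fields[1], fields[3], fields[4]
        # Exact port compare: 49777 must not match 7777; rsplit copes with [::]:7777
        if state == "LISTENING" and local.rsplit(":", 1)[-1] == str(port):
            pids.add(int(pid))
    return sorted(pids)

def find_dll(system_root):
    """Return the path of Arucer.dll under <system_root>/system32, or None."""
    sys32 = os.path.join(system_root, "system32")
    if not os.path.isdir(sys32):
        return None
    for name in os.listdir(sys32):  # compare case-insensitively, as Windows does
        if name.lower() == BACKDOOR_DLL.lower():
            return os.path.join(sys32, name)
    return None

def triage(system_root, netstat_text):
    """Combine both checks; DLL plus listener is a heuristic for an active backdoor."""
    dll = find_dll(system_root)
    pids = listeners_on_port(netstat_text)
    return {"dll_present": dll is not None, "dll_path": dll,
            "listening_pids": pids, "backdoor_likely_active": bool(dll and pids)}

if __name__ == "__main__":
    root = os.environ.get("SystemRoot", r"C:\Windows")
    out = subprocess.run(["netstat", "-ano"], capture_output=True, text=True).stdout
    print(triage(root, out))
```

A result with `dll_present` true and no listener matches the state the report describes after uninstalling: the file is still on disk but no longer started with Windows.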
tycho
Moderator
|
# Posted: 11 Mar 2010 09:44
Nice =D Thanks for posting =)
|
david1
Member
|
# Posted: 11 Mar 2010 11:01
What makes this even more hilarious though, is that the trojan is in the software BUNDLED with the USB charger.
Scary thought of the lengths hackers are going to now to access your system.
Just reiterates the point: how do you know what to trust when software from a legitimate source is infected!
|
tycho
Moderator
|
# Posted: 11 Mar 2010 11:29
Use Linux?
|
mezoti
Member
|
# Posted: 11 Mar 2010 12:01
What Thor said.
|
david1
Member
|
# Posted: 11 Mar 2010 16:28
It's easy to develop malicious code for little tux'y; the only reason hackers aren't doing it at the moment is most Linux users are fellow hackers/programmers. If Linux became mainstream used, I'd be willing to bet it wouldn't be long before Linux got deluged with viruses.
|