Energizer battery charger contains backdoor? REALLY?

WHAT? Un-freaking-believable! Energizer battery charger contains backdoor

The United States Computer Emergency Response Team (US-CERT) has warned that the software included in the Energizer DUO USB battery charger contains a backdoor that allows unauthorized remote system access. In an advisory, the US-CERT warned that the installer for the Energizer DUO software places the file UsbCharger.dll in the application’s directory and Arucer.dll in the Windows system32 directory. An attacker is able to remotely control a system, including the ability to list directories, send and receive files, and execute programs. The backdoor operates with the privileges of the logged-on user.

When considering a battery charger, choose an open source one if there is one, and avoid one that comes with software for no good reason; otherwise this could happen. MAKE stocks the MintyBoost, and while that charges devices (not batteries), it's open source, does not require software, and will not trojan your computer.
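As an added example (not code from US-CERT, Energizer or MAKE), here is a small Python check for the two DLL names the advisory text mentions, usable against a live Windows directory or a mounted disk image. The SysWOW64 lookup is an assumption for the case of a 32-bit installer on 64-bit Windows, and the sample tree is constructed for the demonstration.

```python
import os
import tempfile

# File names as given in the advisory text quoted above.
SYSTEM_DLL = "arucer.dll"    # placed in the Windows system directory
APP_DLL = "usbcharger.dll"   # placed in the application's directory
# Assumption: 32-bit installers on 64-bit Windows land in SysWOW64 instead.
SYSTEM_DIRS = ("system32", "syswow64")


def _children(path):
    """Map lower-cased entry name -> real path ({} if unreadable)."""
    try:
        return {e.name.lower(): e.path for e in os.scandir(path)}
    except OSError:
        return {}


def find_indicators(windows_root, app_dirs=()):
    """Case-insensitive search, so a disk image mounted on Linux works too."""
    hits = []
    top = _children(windows_root)
    for name in SYSTEM_DIRS:
        dll = _children(top.get(name, "")).get(SYSTEM_DLL)
        if dll:
            hits.append(dll)
    for app_dir in app_dirs:
        for dirpath, _dirs, files in os.walk(app_dir):
            hits += [os.path.join(dirpath, f) for f in files
                     if f.lower() == APP_DLL]
    return sorted(hits)


def build_sample_tree(base):
    """Constructed sample layout (empty files, not the real DLLs)."""
    for rel in ("Windows/SysWOW64/Arucer.dll",
                "Windows/System32/kernel32.dll",
                "Program Files/Vendor/App/UsbCharger.dll"):
        full = os.path.join(base, *rel.split("/"))
        os.makedirs(os.path.dirname(full), exist_ok=True)
        open(full, "wb").close()
    return os.path.join(base, "Windows"), os.path.join(base, "Program Files")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        win, apps = build_sample_tree(tmp)
        for path in find_indicators(win, [apps]):
            print("found:", path)
```

A file-name match is only a lead: confirm it against the advisory before treating the machine as affected.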





Comments

Oldest comments listed first.

Posted by: Collin Cunningham on March 9, 2010 at 11:47 AM

??????

Wow - I actually had to make sure today wasn't April 1st after reading the blockquote!

RUN AWAY!


Posted by: zeldaar on March 9, 2010 at 11:58 AM

that's great and all about the mintyboost...

but this is a charger that charges batteries...not a battery that charges other things....
the solution here is...well...not nearly so simple.


Posted by: CircuitGizmo on March 9, 2010 at 12:14 PM

Why PC software?

Why does it take loading PC software to charge a battery? I sure hope that the charger will work if given only a 5V source, and not a full PC.

I consider any "must load" software to be suspect.


Posted by: CircuitGizmo on March 9, 2010 at 12:16 PM

Hoooonnnneeeyyyy!

I HAD to upgrade my PC to Win7 with 16 gig RAM. I have a battery to charge!


Posted by: Carnes on March 9, 2010 at 12:34 PM

I'm surprised there is a data connection at all. I wonder if you can use the thing like a thumbdrive or a programmable device?

I think this product is over three years old already.. I'm curious how many computers have been infected since then. I'm also curious if virus definitions have been out for this trojan already... chances are this is not the first time it has been used.

On all my Windows computers I have autorun disabled. Mostly to prevent "driveby" style thumbdrive attacks (you know.. like at lanparties).

The Advisory says the trojan was written in Chinese.. my guess is if Adafruit ever shipped a kit with parts from China, something similar could happen. Why not?


Posted by: CircuitGizmo on March 9, 2010 at 12:41 PM

The adafruit device is completely different. For one, it doesn't charge batteries.

The act of plugging in the Energizer battery charger doesn't install this virus/backdoor. It is the CD that comes with it.

Serious doubts that the device acts as a memory device and installs a virus. Installation software is the culprit.


Posted by: CircuitGizmo on March 9, 2010 at 12:44 PM

I said CD, although it could be a download instead. Nonetheless it is user-installed, not installed through USB.


Posted by: Carnes on March 9, 2010 at 12:58 PM

Ah, thanks for that. I must have flashed past the CD part. So the device is sound but their support CD was infected. This is also very interesting. Could there be other vendors with CDs infected this way? Practically any product can ship with a CD, whether for a digital manual or drivers.

I did realize that mintyboost provides the opposite functionality as this though. Was just trying to hint that nobody really knows what's on the chips we put into kits.


Posted by: Spades on March 9, 2010 at 1:47 PM

That happens all of the time. I read about driver CDs, digital audio players, even digital picture frames which came with factory installed viruses. And as you see not even the bigshot companies like Energizer are immune to that kind of sabotage.


Posted by: Phillip Torrone on March 9, 2010 at 1:28 PM

"like"

@CircuitGizmo - please re-read my post... "This is the best reason to pick an open source battery charger, **like** the MintyBoost in the Maker Shed. "

open source is good, find things like it, that's what i meant, i can make it more clear if you have suggestions :)


Posted by: CircuitGizmo on March 9, 2010 at 3:50 PM

I probably shouldn't argue with the guy that has the big BANHAMMER...

"This is the best reason to pick an open source battery charger, **like** the MintyBoost in the Maker Shed."

I read it correctly both times. I only wanted to clarify so that it doesn't lead others astray. First point to a device that uses USB power to charge AA cells and then point to the Mintyboost and say LIKE THAT. That might lead people to see the MintyBoost as a USB thingy that charges two AA cells.

I already grok the MintyBoost in its fullest. I was actually not trying to correct you, but just wanted to avoid a sudden surge of people wanting to charge their AA batteries with a MintyBoost. Or looking at the MintyBoost with a wary eye because it could infect your PC (which it can't, letmebeclearaboutthat.) Completely different from the Energizer in that sense.


Posted by: Phillip Torrone on March 9, 2010 at 3:55 PM

@CircuitGizmo - naa, it's not like that at all, the banhammer hasn't been used ever, at least not by me. i think i've deleted maybe a dozen comments over 5 years (not counting spam) - it's all good, your comment is cool with me and i think you've got a good point. i understand what you're sayin', i've updated the post a little...


Posted by: Sean Michael Ragan on March 9, 2010 at 12:54 PM

Unbelievable.

Yup. That pretty much says it.


Posted by: Shadyman on March 9, 2010 at 3:56 PM

But why would it need software? For charging status?

Most people (myself included) would just plug it in and expect it to work. The device should, however, have an EEPROM or something similar to store the expected amount of current used, if over 100mA (which I'm sure it is).

It's probably like a few other similar cases, where the computer that compiled the iso for the CD or (burned the master CD) had a virus on it, and hence made its way into the CD's contents.

From TFA: "Energizer has issued a statement acknowledging the issue. The company said it has discontinued sale of this product and has removed the site to download the software."

I totally want to buy these. Seriously. The batteries are awesome, and a USB charger, though not something I need (I have a combo wall and car charger), would be interesting to take apart, if for no other reason than to check out/repurpose the charging circuitry.


Posted by: Shadyman on March 9, 2010 at 3:58 PM

As for the title of this blog post... "Energizer battery charger contains backdoor? REALLY?", I say "Yes. That's where you put the batteries" :P


Posted by: CircuitGizmo on March 9, 2010 at 4:07 PM

Actually now that the subject has been opened a bit, an otherwise innocuous device could install a virus onto your PC without the CD or application being the culprit.

Loose PC protection (users, admin rights, clicking OK, whatever) isn't a good thing, but even those that are aware might assume that the "free" software already on thumb drives is safe.

I was pretty annoyed to discover that an empty CDROM drive (made by LG) that I installed appears as if there is an inserted disk. From a Newegg review:

The software "is advertisement linked to the LG website to get you to buy more LG products. If you choose not to install the software you will be prompted to install it every time you close the drive door. If you install it you get the tray icons pointing to more LG products. If you remove it from the startup it adds itself back to the startup every time you close the drive door."

That is skanky and offensive, as far as I am concerned. (Good thing I installed it on a Linux machine that ignores the crud.) I no longer trust LG (like Sony). That is doing something to my property against my wishes.


Posted by: Phillip Torrone on March 9, 2010 at 4:11 PM

@CircuitGizmo - on any new computer i wipe it clean and just start over, sony is one of the worst (and i used to work with sony back in the day, i really tried all their software, i had to).


Posted by: CircuitGizmo on March 9, 2010 at 4:23 PM

Phillip: This was an *empty* DVDROM *drive* that acted as if it had a DVD in it with this unwanted software. Put a DVD in it and it looks normal. Take out the DVD and the "Bluebirds" software in the phantom DVD wants to install again. This is hardware that wants to install software.

Insidious. Imagine plugging in a mouse and it wants to install the software that the mouse maker wants you to use. Every so often the mouse reminds you that you can install this software. That would be heinous. The software could be anything - virus/trojan - you just don't know.

All I wanted was a DVDROM drive. Now Linux shows a mounted *fake* DVD in my drive all the time.

All I'm saying is that the potential exists for any USB device to be the source of a virus.


Posted by: saimhe.myid.net on March 10, 2010 at 5:36 AM

@CircuitGizmo:

What model was it?

As consumer rights are in poor condition where I live, most sellers would not accept any returns as long as the product still performs its function, that is, nuisances like this one do not count.


Posted by: CircuitGizmo on March 10, 2010 at 6:52 AM

Model

Sorry, but I can't be completely sure.

LG SATA DVDROM. Possibly GH22NS50.


Posted by: Shadyman on March 9, 2010 at 4:12 PM

@CircuitGizmo:

"I was pretty annoyed to discover that an empty CDROM drive (made by LG) that I installed appears as if there is an inserted disk."

That's FUBAR. Send it back!

