This is not a joke. This was posted on the US-CERT site. US-CERT is the operational arm of the National Cyber Security Division (NCSD) at the Department of Homeland Security (DHS). It is a public-private partnership.
"Energizer DUO is a USB battery charger. An optional Windows application that allows the user to view the battery charging status has been available on the Energizer website. The installer for the Energizer DUO software places the file UsbCharger.dll in the application's directory and Arucer.dll in the Windows system32 directory. When the Energizer UsbCharger software executes, it utilizes the UsbCharger.dll component for providing USB communication capabilities. UsbCharger.dll executes Arucer.dll via the Windows rundll32.exe mechanism, and it also configures Arucer.dll to execute automatically when Windows starts by creating an entry in the HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run registry key."
See the full US-CERT warning at http://www.kb.cert.org/vuls/id/154421.
Ask us about Linux: more secure, more stable, more better. We run Linux in house for all our document and image processing needs and have no problems communicating with the world at large and never have to worry about viruses!
Comments
ya this issue has came
ya this issue has came forward as a security hole.Software that can be downloaded for use with the Energizer Duo USB battery charger contains a backdoor that could allow an attacker to remotely take control of a Windows-based PC.According the statement issued by Symantec, it is now assumed that the Trojan may have been in the software since it was first offered three years ago.
mobile softwares
yes it can be possible that
yes it can be possible that Trojan may have in software from the very beginning itself but no one noticed it.Although Energizer has discontinued sale of this product and has removed the site to download the software.
romantic sms