EEbeat

On March 5th Symantec reported it had found that the Energizer Duo USB battery charger has been hiding a backdoor Trojan in its software that affects computers using Windows. According to Symantec the Trojan has probably been there since May 2007.
Energizer has now taken the software off the market and removed the site from which it could be downloaded, and suggested that customers who downloaded the Windows version to uninstall it. There are easy steps to fight the Trojan in affected machines, and Macintosh users are not affected.
Symantec’s Director of Global Intelligence, Dean Turner, said it’s impossible to be certain the Trojan has always been in the software that monitors the Duo USB charger, but the Trojan’s binary header states it was created in May 2007. It is not known how the Trojan came to be in the software, but malware has previously been found to be hidden inside products. Energizer is working with the US Computer Emergency Readiness Team (US-CERT) and the US government to try to find out how the code found its way into the software.
The Trojan allows an attacker to operate with the same privileges as the user who is logged in, and to remotely control the system via connections on 7777/tcp to send and receive files, run programs, and list the contents of directories.
US-CERT advises that to fix the problem, users can delete the Arucer.dll file from the Windows system32 directory, and then restart the system. An alternative fix is to remove the USB charger software. The Trojan Arucer.dll file will still be present but the code cannot be executed in the absence of the charger software. It is also advisable to block access to port 7777 using a firewall or via network perimeter devices.