Hackers can locate and exploit the Energizer USB charger backdoor
Hackers using the Metasploit point-and-click attack tool can locate and exploit the backdoor Trojan that was recently found in the software included in the Energizer DUO USB battery charger
According to Metasploit creator HD Moore, pen-testers can use the freely available tool to locate infected systems on the local network or gain access to a system running the Energizer backdoor.
[ SEE: Energizer battery charger contains backdoor ]
The offending software, which has since been pulled by Energizer, contains Arucer.dll, which is a backdoor that allows unauthorized remote system access via accepting connections on 7777/tcp.
This allows an attacker to remotely control a system, including the ability to list directories, send and receive files, and execute programs. The backdoor operates with the privileges of the logged-on user.
It's important to immediately uninstall the backdoor component of the Energizer USB charger software by deleting the Arucer.dll file from the Windows system32 directory.
* Source: HD Moore/Metasploit.