Business

Hackers can locate and exploit the Energizer USB charger backdoor

Hackers using the freely available Metasploit tool can locate infected systems on the local network or gain access to a system running the Energizer backdoor.

Written by Ryan Naraine, Contributor March 10, 2010 at 5:21 a.m. PT

Hackers using the Metasploit point-and-click attack tool can locate and exploit the backdoor Trojan that was recently found in the software included in the Energizer DUO USB battery charger

According to Metasploit creator HD Moore, pen-testers can use the freely available tool to locate infected systems on the local network or gain access to a system running the Energizer backdoor.

[ SEE: Energizer battery charger contains backdoor ]

The offending software, which has since been pulled by Energizer, contains Arucer.dll, which is a backdoor that allows unauthorized remote system access via accepting connections on 7777/tcp.

This allows an attacker to remotely control a system, including the ability to list directories, send and receive files, and execute programs. The backdoor operates with the privileges of the logged-on user.

It's important to immediately uninstall the backdoor component of the Energizer USB charger software by deleting the Arucer.dll file from the Windows system32 directory.

* Source: HD Moore/Metasploit.

Editorial standards

Show Comments

Hackers can locate and exploit the Energizer USB charger backdoor

Related

Not into the Tesla Powerwall? You can now buy the Anker Solix X1

Facebook's Meta AI is lying when it says you can disable it - but here's what you can do

The best AI image generators to try right now