Windows USB Battery Charger that Tunnels through a Firewall?

This is not a joke. This was posted on the US-CERT site. US-CERT is the operational arm of the National Cyber Security Division (NCSD) at the Department of Homeland Security (DHS). It is a public-private partnership.

"Energizer DUO is a USB battery charger. An optional Windows application that allows the user to view the battery charging status has been available on the Energizer website. The installer for the Energizer DUO software places the file UsbCharger.dll in the application's directory and Arucer.dll in the Windows system32 directory. When the Energizer UsbCharger software executes, it utilizes the UsbCharger.dll component for providing USB communication capabilities. UsbCharger.dll executes Arucer.dll via the Windows rundll32.exe mechanism, and it also configures Arucer.dll to execute automatically when Windows starts by creating an entry in the HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run registry key."

See the full US-CERT warning at http://www.kb.cert.org/vuls/id/154421.

Ask us about Linux: more secure, more stable, more better. We run Linux in house for all our document and image processing needs and have no problems communicating with the world at large and never have to worry about viruses!

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer