Back Door in Battery Charger
The United States Computer Emergency Response Team (US-CERT) has warned that the software included in the Energizer DUO USB battery charger contains a backdoor that allows unauthorized remote system access.
That’s actually misleading. Even though the charger is an USB device, it does not contain the harmful installer described in the article—it has no storage capacity. The software has to be downloaded from the Energizer website, and the software is only used to monitor the progress of the charge. The software is not needed for the device to function properly.
Here are details.
Energizer has announced it will pull the software from its website, and also will stop selling the device.
EDITED TO ADD (3/23): Additional news here.
BF Skinner • March 23, 2010 6:45 AM
In fact Energizer says they already did – but it wasn’t true.
Register reports here
http://www.theregister.co.uk/2010/03/19/energizer_battery_trojan_remains/
http://www.theregister.co.uk/2010/03/18/energizer_battery_trojan_returns/
http://www.theregister.co.uk/2010/03/08/energizer_trojan/
Honestly a simple part of the fix, prevention and they wouldn’t do it? What? Did removing compromised software from their web site imply acceptance of liability?