Software used in a battery charger contains a Trojan that gives hackers total access to PCs, the US Computer Emergency...
Readiness Team (Cert) has warned .
Energizer, which makes the Energizer DUO USB battery charger, has confirmed that the software contains malicious code, but said the company has discontinued the product in the US, Europe, Latin America and Asia.
"Energizer is currently working with both Cert and US government officials to understand how the code was inserted in the software," Energizer said in a statement.
Energizer provided software for download to enable users of the charger to view the battery charging status on a computer.
The Energizer site, since taken down, offered downloadable software in both Windows and Apple versions, but only the Windows version contained the vulnerability, the company said.
The company has advised customers who downloaded the Windows version of the software to uninstall it and Cert has recommended that users also remove the Arucer.dll file, which can be found in the Window system32 directory.
Arucer.dll is a backdoor that allows unauthorised remote system access, including the ability to list directories, send and receive files, and execute programs, Cert said.