MARINE CORPS AIR STATION IWAKUNI, Japan -- Service members, as well as all Marine Corps Exchange and Commissary patrons, should be aware of a device that creates backdoor access to a computer for potential hackers.
It was recently discovered that the software available for the Energizer Duo universal serial bus battery charger contains a backdoor allowing unauthorized remote system access.
With that backdoor open, a computer running the software is vulnerable to attack by a hacker.
According to the United States Computer Emergency Response Team (US-CERT), “an attacker is able to remotely control a system, including the ability to list directories, send and receive files, and execute programs. The backdoor operates with the privileges of the logged-on user.”
The problem is not the device itself, but the software that comes with the device.
“Anyone that knows about this could exploit it and basically any attacker around the world could have access to your computer,” said Staff Sgt. Ryan Chilson, information assurance manager for Marine Corps Air Station Iwakuni.
Service members who use this device give any potential attacker the perfect access to join their computer to a botnet. A botnet is a number of Internet computers that, although their owners are unaware of it, have been set up to forward transmissions, including spam or viruses, to other computers on the Internet.
One possible scenario: service members install the device and software on their personal computers and take their work home with them. They could inadvertently corrupt government files or allow classified material to be distributed to the public without their knowledge due to their Energizer Duo USB device.
“Instead of using their own computer to launch an attack, they use 10,000 computers to launch attacks against nation states or businesses,” said Chilson.
Although this device can create a huge problem, there is a simple solution for those who have inserted this device into their computers and installed the software.
Remove the Energizer software. Doing so also removes the registry value that causes the backdoor to execute automatically when Windows starts.
For additional information on the Energizer Duo USB, visit www.kb.cert.org and search for VU#154421.