Energizer Malware

We received several emails today about the US-CERT analysis of Trojan horse software found in an application designed for a battery recharger.  Our assessment is that due to the dates involved (2007 and 2008) this is likely related to the rash of malware we reported a couple of years ago that was found on digital photo frames, iPods, GPS devices, and other consumer products.  If any of our readers have any additional technical information or observations to share about this case, please use the comment feature below.

Marcus H. Sachs
Director, SANS Internet Storm Center


ISC Handler
Mar 9th 2010
The install exe for this software is code-sign timestamped 31st July 2007. I noticed this open port (7777) after installing the software, but as it was part of a digitally signed archive, I didn't think it would be malware!

Verisign have still not revoked the code-signing certificate that this software is signed with and neither does my anti-virus detect the malicious dll.

I think this shows how even software from big companies which is digitally signed cannot always be trusted. Energizer should be taking serious action against their software supplier.
