Pretty soon you won't even be able to buy a toaster without worrying that it might be infected with malware. We're not quite at that point yet, but you can add an Energizer USB battery charger to the growing list of devices on the potentially contaminated list.
It's not the gadget itself, but the software that comes with Energizer's Duo Charger, model CHUSB. According to Carnegie Mellon University's Computer Emergency Response Team (CERT), Energizer has been unkowingly distributing a backdoor Trojan since 2007.
The software was designed to let users check the status of batteries inserted into the charger, but it's the inclusion of a nasty DLL file (Arucer.dll) that's troubling. Once infected, the malware could download and execute files, send a directory listing to the remote attacker, send files to a remote attacker, and make changes to the registry.
Energizer, now aware of the problem, has discontinued sale of the product and is advising consumers "that downloaded the Windows version of the software to uninstall or otherwise remove the software from your computer," in addition to removing the Arucer.dll file.