WTF? Energizer battery charger contains backdoor?

Energizer Duo
What.the.f*ck…Energizer battery charger contains backdoor

The United States Computer Emergency Response Team (US-CERT) has warned that the software included in the Energizer DUO USB battery charger contains a backdoor that allows unauthorized remote system access. In an advisory, the US-CERT warned that he installer for the Energizer DUO software places the file UsbCharger.dll in the application’s directory and Arucer.dll in the Windows system32 directory. An attacker is able to remotely control a system, including the ability to list directories, send and receive files, and execute programs. The backdoor operates with the privileges of the logged-on user.

This is the best reason to pick an open source charger of any kind, like the MintyBoost (not batteries, just devices until the new version 🙂. The MintyBoost will not install software and not trojan your computer.


Adafruit publishes a wide range of writing and video content, including interviews and reporting on the maker market and the wider technology world. Our standards page is intended as a guide to best practices that Adafruit uses, as well as an outline of the ethical standards Adafruit aspires to. While Adafruit is not an independent journalistic institution, Adafruit strives to be a fair, informative, and positive voice within the community – check it out here: adafruit.com/editorialstandards

Join Adafruit on Mastodon

Adafruit is on Mastodon, join in! adafruit.com/mastodon

Stop breadboarding and soldering – start making immediately! Adafruit’s Circuit Playground is jam-packed with LEDs, sensors, buttons, alligator clip pads and more. Build projects with Circuit Playground in a few minutes with the drag-and-drop MakeCode programming site, learn computer science using the CS Discoveries class on code.org, jump into CircuitPython to learn Python and hardware together, TinyGO, or even use the Arduino IDE. Circuit Playground Express is the newest and best Circuit Playground board, with support for CircuitPython, MakeCode, and Arduino. It has a powerful processor, 10 NeoPixels, mini speaker, InfraRed receive and transmit, two buttons, a switch, 14 alligator clip pads, and lots of sensors: capacitive touch, IR proximity, temperature, light, motion and sound. A whole wide world of electronics and coding is waiting for you, and it fits in the palm of your hand.

Have an amazing project to share? The Electronics Show and Tell is every Wednesday at 7:30pm ET! To join, head over to YouTube and check out the show’s live chat and our Discord!

Join us every Wednesday night at 8pm ET for Ask an Engineer!

Join over 38,000+ makers on Adafruit’s Discord channels and be part of the community! http://adafru.it/discord

CircuitPython – The easiest way to program microcontrollers – CircuitPython.org


New Products – Adafruit Industries – Makers, hackers, artists, designers and engineers! — New Products 9/4/2024 Featuring Raspberry Pi Pico 2 – RP2350! @adafruit

Python for Microcontrollers – Adafruit Daily — Python on Microcontrollers Newsletter: Diving into the Raspberry Pi RP2350, Python Survey Results and more! #CircuitPython #Python #micropython @ThePSF @Raspberry_Pi

EYE on NPI – Adafruit Daily — EYE on NPI Maxim’s Himalaya uSLIC Step-Down Power Module #EyeOnNPI @maximintegrated @digikey

Adafruit IoT Monthly — IoT Vulnerability Disclosure, Decorative Dorm Lights, and more!

Maker Business – Adafruit Daily — A look at Boeing’s supply chain and manufacturing process

Electronics – Adafruit Daily — Function Generator Outputs

Get the only spam-free daily newsletter about wearables, running a "maker business", electronic tips and more! Subscribe at AdafruitDaily.com !



8 Comments

  1. Lameeeee

  2. That’s just frack’n lovely.

  3. Why a battery charger even requires software like that is beyond me – can’t you just enumerate as an HID and negotiate up to 500mA?

    The device in question is the opposite of the current MintyBoost, though – it charges AAs / AAAs from USB, not vice versa.

  4. How is a MintyBoost the same as this device? It looks to me like a battery charger and not a device that uses batteries to charge USB devices?
    True, stupid software mistake but do not realy see the connection with a MintyBoost. Or maybe you could use a MintyBoost to charge your batteries? Now that would be stupid! 😉

  5. @marius – we said open source “like” the mintyboost, encourage open source so things like this does not happen.

  6. Why do you even need software to run a Nicad charger? With all the various chips out there such as those available from Maxim, it’s all built into the silicon anyway, all the USB port needs to provide is power.

    Sounds like an over-engineered solution that got combined with a software developer’s infected system to produce malware installation disks that also installed the support software for the charger. Brrrrh!

  7. I’ve actually got one of these. Firstly, the mintyboost charges a device like an iPod. Whereas the Energizer charges batteries.

    Secondly, the software tells you how charged your batteries are. However the software is definitely poorly made. The readme had 4 typo’s in it at least.

  8. indiatechnews

    Jees, backdoor access via a usb battery charger! Really a big flaw.

Sorry, the comment form is closed at this time.