Seriously?

Malware stuffed into a USB battery charger?

This is just as bad as a trojan on a key fob and… smart phone? . Actually, this is worse because people don’t expect utility to run.

Is nothing sacred?

I’d just like to point out, being a big Mac-fan, that it would have been trivial to write an exploit Macs with this as well. Though it can be frustrated by enabling the Firewall. But face it, nobody (translate to not many) does but me.

Lessons lessons

What’s the lesson here? Don’t trust a battery company software? Don’t use autorun? I’m sure Microsoft thought that it sounded like a great idea way back in the day.

You auto-be-running

Apparently, autorun has been renamed to autoplay (<sarcasm>Where the heck have I been, what a change!</sarcasm>).

According to KB967715 they had it disabled in XP prior to SP2. Now it’s enabled for XP SP2+, Vista, and 7. However, for Vista and 7 users, it asks you if you want to auto-run it first.

Trust

Again, it’s about trust. Do you trust Energizer to make you software? Apparently not any more. Even if you have auto-run disabled, it appears as though you can still be compromised because you trusted the application to run. So, a Mac is just as vulnerable in this respect.

So the next time a peripheral decides to offer you friendly software: just say no!

Left unsaid

I’m sure there’s tons of room for comments such as: “It’s the manufacturers overseas!” and, while that MIGHT be true, it would be much better if we didn’t trust all these random devices and gadgets we have.