Hundreds of HP Laptops Found to Have Hidden Keylogger

Author Photo
Dec 11, 2017
55Shares
Submit

Missed keylogging stories? HP is here to give you some major throwbacks as the company’s laptops have been discovered carrying a hidden keylogger. This is the second time this year that Hewlett Packard is being forced to issue emergency fixes to pre-installed keylogging software.

HP in the middle of keylogging crisis, yet again

We may see keylogging stories usually associated with Windows 10, but manufacturers of popular mobile phones and laptops grace our pages with similar issues every now and then. Software that is dropped by their makers to secretly record everything you type – what could be worse… Discovered by Michael Myng, also known as ZwClose, the researcher said that he was exploring the Synaptics Touchpad SynTP.sys keyboard driver and stumbled upon a piece of code that looked suspicious. The keylogger was saving scan codes to a WPP trace, and while logging was disabled by default, it could have been “enabled by setting a registry value (UAC required)”.

user-tracking-session-replay-scriptRelated Constant Tracking: How All the Major Websites You Visit Record Your Every Keystroke and Mouse Movement

HP had said that it built this software to help debug errors. The company added that while it’s a loss of confidentiality, it didn’t have access to customer data as a result of this “potential” security problem. The company also added that it’s a Synaptics issue, affecting all its OEM partners.

A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners. A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.

But, considering how only a few months ago, researchers had discovered a similar piece of code coming with audio drivers, this may add up to the list of “things HP shouldn’t have done”, with the company potentially losing customer trust.

The security researcher praised the company for its quick response. “I messaged HP about the finding,” Myng wrote. “They replied terrifically fast, confirmed the presence of the keylogger (which actually was a debug trace) and released an update that removes the trace.”

More than 460 models are affected by this latest security problem, including some of the company’s best sellers like the EliteBook, ProBook, Pavilion and Envy ranges. The company has now issued an emergency patch to resolve this driver-level pre-installed keylogger. The complete list of affected products has now been published by the company – a list that goes back to 2012. You can get the updated driver from HP or wait for the next Windows update that is expected to deliver this patch, as well.

Submit