HP has an awful history of ‘accidentally’ leaving keyloggers onto its customers’ laptops. At least two times which year, HP laptops were caught with pre-installed keylogger or spyware applications.
I was following a tweet made by a security researcher claiming to have found a built-in keylogger in several HP laptops, as well as at which point he went public with his findings.
A security researcher who goes by the name of ZwClose discovered a keylogger in several Hewlett-Packard (HP) laptops which could allow hackers to record your every keystroke as well as steal sensitive data, including passwords, account information, as well as credit card details.
The Keylogger was found embedded within the SynTP.sys file, a part of Synaptics touchpad driver which ships with HP notebook computers, leaving more than 460 HP Notebook types vulnerable to hackers.
Although the keylogger component is usually disabled by default, hackers can make use of available open source tools for bypassing User Account Control (UAC) to enable built-in keylogger “by setting a registry value.”
Here’s the location of the registry key:
The researcher reported the keylogger component to HP last month, as well as the company acknowledges the presence of keylogger, saying which was actually “a debug trace” which was left accidentally, however has at which point been removed.
“A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers which impact all Synaptics OEM partners,” HP says in its advisory, calling the keylogger as a potential, local loss of confidentiality.
“A party might need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of which issue.“
The company has released a Driver update for all the affected HP Notebook types. If you own an HP laptop, you can look for updates for your type. The list of affected HP notebooks can be found at the HP Support website.
which is usually not the very first time when a keylogger has been detected in HP laptops. In May which year, a built-in keylogger was found in an HP audio driver which was silently recording all of its users’ keystrokes as well as storing them in a human-readable file.