Researcher Finds Keylogger Hidden Within Hundreds of HP Laptops

A security researcher has found a dormant keylogger preinstalled in the software of hundreds of HP laptop models, according to a new report.

A keylogger, generally defined as a malicious program that can send anything you type to an attacker, was found within the Synaptics touchpad driver. Reportedly, the issue affects more than 460 models of HP laptops, including EliteBook, ProBook, Pavilion and Envy devices. Researcher Michael Myng stumbled upon the finding after looking into a separate issue, according to a blog post he wrote about the issue.

“Some time ago someone asked me if I can figure out how to control HP’s laptop keyboard backlight,” Myng wrote. “I asked for the keyboard driver SynTP.sys, opened it in IDA, and after some browsing noticed a few interesting strings.”

Those strings led to the discovery of the keylogger, which Myng said was deactivated by default. But its inclusion within the software opened up security concerns if an attacker had access to the computer. In other words, someone could reactivate and record everything that was typed on the HP laptops.

Luckily, HP was quick to respond. The PC maker acknowledged that the keylogger could lead to a “loss of confidentiality,” and it issued a software patch so that customers can remove the security hole. As far as why it was hidden within the driver, the company said that the keylogger was included to help in debugging errors.

“HP uses Synaptics touchpad in some of its mobile PCs and has worked with synaptic to provide fixes to their error for impacted HP systems, available via the security bulletin on HP.com,” HP said in a statement. The OEM has also released a full list of affected laptop models, which you can view here.

This isn’t the first time that a keylogger was discovered embedded within HP devices, however. Earlier this year, a similar keylogger was found in the audio drivers that were pre-installed on several HP computers. In that case, HP said that the keylogger code was added by mistake, ZDNet reported in May.

Read Next: 3 New Things Apple Could Do with Shazam’s Technology

Source