Forgot your password?

Back to login

Hidden Keylogger found in HP laptops
December 21, 2017, 5:14 pm

Security research has found that some of the laptops sold by HP come with a preinstalled ‘keylogger’ program that captures keystrokes of users. Cyber-attackers with access to the program could capture passwords as they are typed and use it to access financial and personal accounts of users.

Once a machine is compromised, instead of using a malicious payload that possibly could be identified by security products, a smart attacker might turn on and use the built-in keyboard logger feature, explained analysts at security firm AppRiver.

The keyloggers which have now been found across more than 460 different models of HP laptops were inadvertently not removed before shipping. The keylogger was part of the Synaptics touchpad found on HP laptops and was used for debugging purposes by Synaptics.

It's likely that the quality control checks for the third-party drivers were not extensive enough to uncover the disabled keylogger remaining from the software development stage, said the AppRiver analyst.

The keylogger is disabled by default, and requires administrative access to the device to be enabled, so the risk for consumers and business users is at present rather low. Still, it is advisable for consumers to ensure their systems are updated so as to reduce opportunities for exploitation at any future date.

Share your views

"It is hard to fail, but it is worse never to have tried to succeed."

"Envy comes from wanting something that isn't yours. But grief comes from losing something you've already had."

Photo Gallery