Hervé
12th December 2017, 18:37
Security researcher uncovers keylogging software in hundreds of HP laptop models (https://www.rt.com/news/412778-hp-laptop-keylogger-code/)
RT (https://www.rt.com/news/412778-hp-laptop-keylogger-code/)
Tue, 12 Dec 2017 17:23 UTC
https://www.sott.net/image/s21/438665/large/5a2ed897fc7e9380108b4567.jpg (https://www.sott.net/image/s21/438665/full/5a2ed897fc7e9380108b4567.jpg)
Hewlett-Packard Co. logo is displayed on the back of the Envy x2 laptop © Bloomberg / Gettyimages.ru
A security researcher has revealed that some HP laptops have hidden software which can log everything typed on its keypads. More than 460 models have been affected, dating back to 2012, according to the list released by HP.
The discovery was made (https://zwclose.github.io/HP-keylogger/) by researcher Michael Myng who found the keylogging code in the pre-installed Synaptics Touchpad software on HP laptops.
Keyloggers record every key that is pressed on a keyboard. This means HP laptop users are at risk of having their passwords, bank details, private communications and search history recorded without their knowledge. The keylogger is disabled by default but there's risk it can be enabled by a hacker.
Myng, who is known online as "ZwClose," learned about the keylogger when he was examining the Synaptics Touchpad software to find out how to control the keyboard backlight. Myng has issued a software patch to remove the keylogger, and HP has released a driver update for affected laptops.
HP says neither the company nor Synaptics had access to the files, and that it was built into the Synaptics software to help debug errors.
"HP uses Synaptics' touchpads in some of its mobile PCs and has worked with Synaptics to provide fixes to their error for impacted HP systems, available via the security bulletin on HP.com," HP said. The company provided a list (https://support.hp.com/us-en/document/c05827409) of models affected.
This is the second keylogger code found in HP laptops this year. In May, Swiss security firm Modzero discovered (https://www.modzero.ch/modlog/archives/2017/05/11/en_keylogger_in_hewlett-packard_audio_driver/index.html) a keylogger built into the HP audio driver.
Also this year, the company was found (https://www.extremetech.com/computing/259605-hp-caught-installing-spyware-windows-10-systems-without-permission-notification) to have installed spyware applications on Windows 10 computers. Following a November update, users began noting a HP TouchPoint Analytics Client was installed and uploading information to HP servers daily.
RT (https://www.rt.com/news/412778-hp-laptop-keylogger-code/)
Tue, 12 Dec 2017 17:23 UTC
https://www.sott.net/image/s21/438665/large/5a2ed897fc7e9380108b4567.jpg (https://www.sott.net/image/s21/438665/full/5a2ed897fc7e9380108b4567.jpg)
Hewlett-Packard Co. logo is displayed on the back of the Envy x2 laptop © Bloomberg / Gettyimages.ru
A security researcher has revealed that some HP laptops have hidden software which can log everything typed on its keypads. More than 460 models have been affected, dating back to 2012, according to the list released by HP.
The discovery was made (https://zwclose.github.io/HP-keylogger/) by researcher Michael Myng who found the keylogging code in the pre-installed Synaptics Touchpad software on HP laptops.
Keyloggers record every key that is pressed on a keyboard. This means HP laptop users are at risk of having their passwords, bank details, private communications and search history recorded without their knowledge. The keylogger is disabled by default but there's risk it can be enabled by a hacker.
Myng, who is known online as "ZwClose," learned about the keylogger when he was examining the Synaptics Touchpad software to find out how to control the keyboard backlight. Myng has issued a software patch to remove the keylogger, and HP has released a driver update for affected laptops.
HP says neither the company nor Synaptics had access to the files, and that it was built into the Synaptics software to help debug errors.
"HP uses Synaptics' touchpads in some of its mobile PCs and has worked with Synaptics to provide fixes to their error for impacted HP systems, available via the security bulletin on HP.com," HP said. The company provided a list (https://support.hp.com/us-en/document/c05827409) of models affected.
This is the second keylogger code found in HP laptops this year. In May, Swiss security firm Modzero discovered (https://www.modzero.ch/modlog/archives/2017/05/11/en_keylogger_in_hewlett-packard_audio_driver/index.html) a keylogger built into the HP audio driver.
Also this year, the company was found (https://www.extremetech.com/computing/259605-hp-caught-installing-spyware-windows-10-systems-without-permission-notification) to have installed spyware applications on Windows 10 computers. Following a November update, users began noting a HP TouchPoint Analytics Client was installed and uploading information to HP servers daily.