Some HP laptops are hiding a deactivated keylogger
Researcher Michael Myng discovered a deactivated keylogger in a piece of application discovered on about 460 HP notebook styles. A whole record of affected laptops is listed here. The keylogger is deactivated by default but could characterize a privateness issue if an attacker has bodily entry to the laptop.
“Some time in the past another person requested me if I can determine out how to regulate HP’s notebook keyboard backlight,” wrote Myng. “I requested for the keyboard driver SynTP.sys, opened it in IDA, and right after some browsing discovered a several attention-grabbing strings.”
The strings led to a little something that appeared to be a hidden keylogger – a plan that sends typed characters to an attacker – in a Synaptics product driver. Provided that the decompiled code organized and despatched key presses to an unnamed focus on, Myng was pretty particular he had a little something attention-grabbing on his arms.
Thankfully, HP responded swiftly.
“I experimented with to obtain HP notebook for rent and requested a several communities about that but acquired pretty much no replies,” he mentioned. “One dude even imagined that I am a thief attempting to rob another person. So, I messaged HP about the obtaining. They replied terrifically quickly, verified the existence of the keylogger (which actually was a debug trace) and released an update that gets rid of the trace.”