Security Researcher Finds HP Laptop Keylogger

Security researcher Michael Myng recently located an HP laptop keylogger that has affected 460 HP models.

HP Laptop Keylogger
Monoar / Pixabay

HP Laptop Keylogger

Keeping your computer safe and secure is of the utmost importance to most PC users. A virus or hack can compromise your machine leading to irreversible system damage, but it can also open you open to problems that extend beyond a mere dead PC. Michael Myng’s discovery of a dormant HP laptop keylogger has major implications for computer security. A nefarious hacker could compromise your HP laptop through a piece of software used on millions of computers, potentially leaving you with stolen financial information, or any other private data stored within your PC.

Normally, you won’t have anything to worry about, as the keylogger is deactivated by default. If an attacker has access to a computer, however, and knows about the fault, it’s a potential recipe for disaster. Myng wrote online about his discovery soon after the HP Laptop keylogger was revealed. “Some time ago someone asked me if I can figure out how to control HP’s laptop keyboard backlight…I asked for the keyboard driver SynTP.sys, opened it in IDA, and after some browsing noticed a few interesting strings.”

The strings that Myng discovered led to a program that appears to be a hidden keylogger. A Synaptics device driver included in many HP models can apparently be used to send typed characters to an attacker. The decompiled code that Myng stumbled across sent key presses to an unnamed target, which is a serious vulnerability.

Myng did his best to alert HP to the issue, and the company responded very quickly.

“I tried to find HP laptop for rent and asked a few communities about that but got almost no replies…one guy even thought that I am a thief trying to rob someone. So, I messaged HP about the finding. They replied terrifically fast, confirmed the presence of the keylogger (which actually was a debug trace) and released an update that removes the trace.”

It’s important to update your computer as soon as possible to patch out the vulnerability created by the HP laptop keylogger. Check if you’re on the list of HP’s affected devices, and download the fix sooner rather than later. Taking the few minutes necessary to patch your PC could save you from a world of hurt later on if your PC were to be compromised.

HP Security

It’s been a roughly couple of months for HP overall, after being accused of quietly installing spyware on Windows PCs just last month. This recent security issue brings into question the company’s commitment to providing a secure device. Whether they’re adding questionable programs themselves or neglecting to recognize a major potential vulnerability, the company has had a rough go of it. Developers really need to get back on track and try for some good publicity rather than jumping from scandal to scandal.

The fact that the keylogger was present on the PCs appears to be just a simple oversight in this case rather than something purposefully left in. It was originally intended to act as a debugging tool to check for errors in Synaptics software. It was disabled but never removed, and this sloppy action led to a computer that could be compromised by anyone with knowhow and access to a user’s PC. With how prevalent Synaptics software is, it’s a major issue. With hackers poised to take advantage of any security flaw — especially in a software used by millions of people — there’s no telling how many PCs were compromised before Myng stumbled across this during unrelated research.

Let’s hope that the HP laptop keylogger is the last of security issues for the troubled manufacturer — at least for awhile. Every company has their missteps from time to time, but the recent controversy with manufacturer designed spyware has well-informed users livid. With the wide variety of PC brands available, it’s possible that continued security mistakes and oversights from HP could lead to a decline in sales. Perhaps when the situation starts to hurt their bottom line, the company will be a little bit more proactive in managing system vulnerabilities.