Having someone record everything you type is a sinister thought indeed. Cyber-criminals use a technology known as a keylogger to gather sensitive information about users. This software records all your keystrokes and keeps a track of what you have been typing. This software has been revealed to be pre-installed on a range of laptops.
Hundreds of models of HP notebooks have been discovered to contain the keylogger software. It is disabled by default but could be enabled by hackers to obtain sensitive information like passwords and pin numbers. HP has created a website that lets the users check if their laptop is at risk. You can visit it here.
Micheal Myng, a computer security expert was the first to discover the bug and it is now believed that the bug affects around 500 models of HP laptops. These include EliteBook, ProBook, ZBook, Envy and Pavilion versions, among others.
In his blog post, Mr. Myng wrote, “Sometime ago someone asked me if I can figure out how to control HP’s laptop keyboard backlit. I asked for the keyboard driver, opened it and after some browsing noticed a few interesting strings. The logging was disabled by default but could be enabled by setting a registry value.”
HP issued a patch on their website and Windows Update to remove the keylogger which it advises all customers to download. The company acknowledges that the flaw could lead to “loss of confidentiality” for customers but HP had no access to the customer data.
This is not the first time that HP laptops have been found to contain keylogging software. Back in May, Swiss computer security consultancy ModZero found that 28 models of HP laptops come with keylogger software pre-installed. The recorded keystrokes could provide the hackers with access to everything that has ever been typed on the laptop.
A blog post by ModZero asks the users to delete specific files. The firm said, “There is no evidence that this keylogger has been intentionally implemented. Obviously, it is a negligence of the developers – which makes the software no less harmful. Our supplier partner-developed software to test audio functionality prior to product launch and it should not have been included in the final shipped version. Fixes will be available shortly via HP.com.”
They urge the users to check if either of the programs C:\Windows\System32\MicTray64.exe or C:\Windows\System32\MicTray.exe are installed. If they are, you should delete or rename these files so that keystrokes are no longer recorded. The file C:\Users\Public\MicTray.log file should also be deleted as it might contain sensitive information like your login details and passwords.
HP users should check their laptops before losing any more valuable time.