More than 460 HP laptop models found with pre-installed keylogger



Keylogger found in HP Notebook models

Earlier this year, we had reported how the audio driver pre-installed on several Hewlett-Packard (HP) laptops contained a built-in keylogger code that recorded all of a user’s keystrokes and stored the information such as usernames and passwords, personal information in a human-readable file. In order to rectify this, HP then rolled out patches to remove the keylogger, which also deleted the log file containing the keystrokes.

Now, a security researcher named ‘ZwClose’ has claimed of discovering similar built-in keylogger issue in several HP laptops that allows hackers to record every keystroke of the user and steal sensitive data, including passwords, account information, and credit card details.

More than 460 HP Notebook models were reported to have been exposed for exploit to hackers due to the keylogger found present in the SynTP.sys file, which is a part of the Synaptics Touchpad driver that ships with some HP notebook models.

Even though the keylogger component is disabled by default, it could be enabled “by setting a registry value” by utilizing open source tools available for evading User Account Control (UAC).

Given below is the location of the registry key:



HKLM\Software\Synaptics\%ProductName%

HKLM\Software\Synaptics\%ProductName%\Default

HP was notified regarding the presence of keylogger component by the researcher last month, which was confirmed by the company who said that it was basically “a debug trace” that was left unintentionally and has now been removed.

In its advisory, HP called the keylogger as a potential, local loss of confidentiality. “A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impact all Synaptics OEM partners.

“A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.”

The company has released a Driver update to remove debugging code for all the affected HP Notebook models. Click here to see the entire list of affected HP laptops and their patches.

ZwClose also published a technical analysis of the SynTP.sys file and the keylogger code for security researchers and software developers.

Source: The Hacker News

Kavita Iyer

An individual, optimist, homemaker, foodie, a die hard cricket fan and most importantly one who believes in Being Human

Recent Posts

Windows 10 October 2018 Update Rolls Out Again, Still Full Of Flaws

Windows 10 October Update Still Incompatible With Some AMD GPUs After a delay of over a month, Microsoft finally re-released…

14 hours ago

10 Best Anime Torrent Websites In 2018

All forms of animated media or often referred to as Anime has millions of fans across the globe. Anime is…

18 hours ago

iPhone X, Samsung Galaxy S9, Xiaomi Mi 6 Hacked At Pwn2Own Tokyo 2018

iPhone X, Samsung Galaxy S9, and Xiaomi Mi 6 fall prey to hacking in the Pwn2Own hacking competition in Tokyo…

2 days ago

Microsoft Releases The New Light Theme In Windows 10 19H1 Insider Build 18282

Microsoft rolls out Windows 10 19H1 build 18282 to Insiders with a new light theme Microsoft released Windows 10 Insider…

2 days ago

Microsoft finally re-releases Windows 10 October 2018 Update

Microsoft resumes rollout of Windows 10 October 2018 (version 1809)update Microsoft has finally re-released its latest Windows 10 October 2018…

2 days ago

iPhone X explodes after iOS 12.1 Update

Recently Apple Support has responded to a report of an exploding iPhone X, where the victim is claiming that while he was…

2 days ago