An observant security researcher recently detected the presence of keylogging software in HP laptop models that could record letters typed on their keyboards at all times.
The keylogging software in HP laptops was disabled by default but could be activated by any malicious actor with access to a laptop.
While checking if he could adjust an HP computer’s keyboard backlight, security researcher Michael Myng recently stumbled upon code that matched the format of keylogging software that could record every letter typed on a keyboard.
Upon further examination, Myng concluded that the keylogging software was disabled by default in HP laptops but could be activated by anyone with access to a computer.
Myng reported his findings to HP, and the firm responded quickly, issuing a software update to plug the ‘potential security vulnerability’.
‘A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners. A party would need administrative privileges in order to take advantage of the vulnerability,’ said HP in a statement on its website.
‘Neither Synaptics nor HP has access to customer data as a result of this issue,’ it added.
A subsequent disclosure by HP revealed the true nature of the vulnerability. As per a list of affected devices released by the company, the keylogging software was pre-installed on as many as 460 laptop models belonging to the EliteBook, ProBook, Pavilion, and Envy ranges.
This is yet another glaring example of how pre-installed software on devices can be misused by malicious actors to snoop on users’ online activities and to evade the usual privacy settings. Last month, researchers at Princeton University revealed that as many as 482 popular websites were using session-replay scripts that allowed third-party vendors to record mouse movements and what users typed on their keyboards.
‘These scripts record your keystrokes, mouse movements, and scrolling behavior, along with the entire contents of the pages you visit, and send them to third-party servers. Unlike typical analytics services that provide aggregate statistics, these scripts are intended for the recording and playback of individual browsing sessions, as if someone is looking over your shoulder,’ the researchers said.
As such, these recordings contain everything you typed on the website, including passwords, credit card numbers and anything else you entered. According to the researchers, such session-replay scripts are used to gather insights into how users interact with websites and are far more detailed than analytics services that provide aggregate statistics.