iBankCoin
Wake up. Break the cycle. Teach your children.
Joined Oct 24, 2016
956 Blog Posts

HP Laptops Discovered To Be Spying On Users With Keylogger

Thought all you had to worry about was the NSA and 400 lb hackers?

Swiss cybersecurity firm Modzero has discovered that 28 models of HP laptops running Windows 7 or 10 – a little over 20% of all laptops – have been spying on users via a ‘keylogger’ – a program which records every keystroke made on the device. This means that passwords for banking, email accounts, and private communications on affected laptops are being stored locally – which “leads to a high risk of leaking sensitive user input”.

“Users are not aware that every keystroke made while entering sensitive information – such as passphrases (or) passwords on local or remote systems – are captured by (the software)” –Modzero

When Modzero contacted HP about the issue, the company went radio silent, so the Swiss firm went public with it’s findings. When UK based Sky News picked up the story and reached out to HP, the company said they were “aware of the keylogger issue on select HP PCs.”

HP told Sky News: “Our supplier partner developed software to test audio functionality prior to product launch and it should not have been included in the final shipped version. Fixes will be available shortly via HP.com.” Sky News

A full list of affected laptops can be found here.

Here is Modzero’s writeup on how the keylogger works:

Conexant’s MicTray64.exe is installed  with the Conexant audio  driver
package and registered as a Microsoft Scheduled Task to run after each
user login. The  program monitors all  keystrokes made by  the user to
capture  and  react  to  functions  such  as  microphone   mute/unmute
keys/hotkeys. Monitoring of keystrokes is added by implementing a low-
level keyboard input  hook [1] function…

In addition to the handling  of hotkey/function key strokes, all  key-
scancode information [2] is written into a logfile in a world-readable
path (C:\Users\Public\MicTray.log).

If you enjoy the content at iBankCoin, please follow us on Twitter

7 comments

  1. oilerua

    it is obvious that even if the modern world is unnoticed about it , the personal owns and belongings are far less important then the personal history and attitude towards change and survival .. any day could be the day in which you need to survive , in a way or another .. while we approach that day some prepare other dont’

    • 0
    • 0
    • 0 Deem this to be "Fake News"
  2. bushwacker2

    Bastards.

    • 0
    • 0
    • 0 Deem this to be "Fake News"
  3. mooby

    Sounds to me like HP did this in order to triage computer problems when users call into the help line to complain about a problem.

    I can hear the tech now, “Hang on while I read your log files”….

    And is this one of those things you click “I Agree” after riffing through 100 pages of a software contract?

    • 0
    • 0
    • 0 Deem this to be "Fake News"
  4. El Rey de Cucamonga
    El Rey de Cucamonga

    Unencrypted? Under the user ‘Public’?

    It had to at least be encrypted..please say it was because if it was not noticed u til now, that would be mind-numbing.

    • 0
    • 0
    • 0 Deem this to be "Fake News"
  5. gorby

    It’s all recorded or filmed.Speak only in person -not perfect security-but best chance.

    • 0
    • 0
    • 0 Deem this to be "Fake News"

Leave a Reply

Your email address will not be published. Required fields are marked *