View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
May 11, 2017updated 12 May 2017 8:50am

HP laptops could have been keylogging since 2015

HP laptops could have been recording your key strokes since at least 2015.

By Joe Clark

HP laptops have been shipping laptops with built in keyloggers since at least 2015, according to Swiss security firm, Modzero.

Modzero discovered that HP updated its audio drivers in 2015 with new debugging and diagnostic software. This software was able to determine if a specific key had been used.

Keystroke logging, or key logging, is the ability for a computer to record every key that is pressed on the keyboard of a computer. This is often used by hackers to gain fraudulent access to passwords and other confidential information. HP

In a blog post Modzero said: “So what’s the point of a keylogger in an audio driver? Does HP deliver pre-installed spyware? Is HP itself a victim of a backdoored software that third-party vendors have developed on behalf of HP?”

“The responsibility in this case is uncertain, because the software is offered by HP as a driver package for their own devices on their website. On the other hand, the software was developed and digitally signed by the audio chip manufacturer Conexant.”

Modzero investigated the Conexant chip and found that the audio drivers of HP Laptops had been poorly implemented in a way that essentially made them spyware. Modzero claims that by analysing the metadata of the service they have been able to determine that these measures have been in place since at least Christmas 2015.

Modzero then delved further and found that the situation was actually much graver than initially thought. Not only were these keys being logged, they were being logged in a publicly readable location on the machine itself file C:\Users\Public\MicTray.log.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

The blog post stated: “If you regularly make incremental backups of your hard-drive – whether in the cloud or on an external hard-drive – a history of all keystrokes of the last few years could probably be found in your backups.”

Modzero has noted in the blog that everyone who owns a HP laptop investigates their own C:\Windows\System32\MicTray64.exe or C:\Windows\System32\MicTray.exe and delete or rename the application to try to halt the process.

HP has not yet commented on the story.

Topics in this article : , , ,
Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.