HP Devices Have Been Found To Contain Keylogging Software
On Thursday, security researches warned that more than twenty-four HP tablets and laptops are designed to log every key stroke users make. The logs are then stored on an unsecured file on the device’s hard drive.
The keylogging software was found in a device driver made by Conexant which produces audio chips for the aforementioned HP devices. According to a Swiss cyber security firm, Modzero, the culprit is a file known as MicTray64.exe which allows the driver to respond when the user presses a special combination of keys. Unfortunately, the file actually logs every key stroke a user makes and then sends it to either a dubugging interface or a file on the computer’s C drive. In their initial statement, Modzero researchers warned that the file has been present on HP computers since at least Christmas of 2015.
The researchers said that the process effectively turns the turns the audio driver into keylogging spyware.
The file is rewritten every time the computer is rebooted, but there are several ways old logs could be accessed such as forensic software designed to recover deleted files. Furthermore, if the computer is backed up on a regular basis then those backups could include passwords, financial information, contacts, and other private information.
Modzero said that they contacted both HP and Conexant prior to issuing the public warning, but did not receive an answer from either company.
In addition to the public advisory, Modzero also released a technical report which can be read here.
Eric is an avid tech junkie, gamer, and comic fan. When he's not working on his PC, you'll find him at your local comic book shop.