HP Laptops, HP G2 Notebooks Beïnvloed door Driver-Level Keylogger

HP Laptops, HP G2 Notebooks Beïnvloed door Driver-Level Keylogger

Security-onderzoeker Michael Myng ook bekend als ZwClose ontdekt dat er een driver-level keylogger op HP laptops. De bug is nu opgelost via een noodsituatie patch uitgegeven door Hewlett Packard. Honderden HP laptops werden getroffen, waaronder HP G2 Notebooks, the HP Elite x2 1011 G1 tablet, HP EliteBooks, HP ProBooks and HP ZBook models.

Official description of the vulnerability:

A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners. A party would need administrative privileges in order to take advantage of the vulnerability. Neither Synaptics nor HP has access to customer data as a result of this issue.

Verwante Story: SonicSpy Android Spyware Genereert meer dan 1000 Apps

Myng came across the keylogger while exploring Synaptics Touchpad SynTP.sys keyboard driver

He analyzed the way keyboards were backlit and came across some weird looking code that resembled a keylogger. "HP had a keylogger in the keyboard driver. The keylogger saved scan codes to a WPP trace. The logging was disabled by default but could be enabled by setting a registry value (UAC required),”De onderzoeker schreef.

Even though logging was disabled by default, it could have been enabled via altering registry values which could have led to the laptop being compromised by malicious software. Trojans and other forms of spyware, for examples, are very likely to leverage keylogging to spy on unsuspecting users.

Gelukkig, HP was very swift to respond. Shortly after the researcher messaged the company about the issue he found, they replied by confirming the presence of the keylogger. Echter, the keylogger turned out to be a debug trace which was adequately removed via the update HP already vrijgelaten.

The patch will also be added to Windows Update.

Not the first time HP features keylogger in their products

This is not the first time such a component was found in HP products. Back in May, security researchers from security firm Modzero unearthed a built-in keylogger in an HP audio driver while examining Windows Active Domain infrastructure.

Verwante Story: Onderzoekers Zoek Ingebouwde Keylogger in HP Audio Driver

The initial purpose of the software appeared to be to recognize whether a special key has been pressed or released. The software however was tailored and the developer, Conexant, added a number of diagnostic and debugging features. The features were there to ensure that all keystrokes “are either broadcasted through a debugging interface or written to a log file in a public directory on the hard-drive”. belangwekkend, dit soort debugging letterlijk transformeert de audio driver in een keylogger, which is nothing but a form of spyware.

Milena Dimitrova

Een geïnspireerde schrijver en content manager die heeft met SensorsTechForum voor 4 jaar. Geniet ‘Mr. Robot’en angsten‘1984’. Gericht op de privacy van gebruikers en malware ontwikkeling, ze gelooft sterk in een wereld waar cybersecurity speelt een centrale rol. Als het gezond verstand heeft geen zin, ze zullen er zijn om aantekeningen te maken. Deze toelichtingen kunnen later om te zetten in artikelen!

Meer berichten - Website

1 Commentaar

  1. Sean vork

    The keyloggers have been detected in laptops as latest as 2017. I don’t understand why these companies try to make the fool out of people and think they can get away with that.

Laat een bericht achter

Uw e-mailadres wordt niet gepubliceerd. Verplichte velden zijn gemarkeerd *

Termijn is uitgeput. Laad CAPTCHA.

Delen op Facebook Aandeel
Loading ...
Delen op Twitter Gekwetter
Loading ...
Delen op Google Plus Aandeel
Loading ...
Delen op Linkedin Aandeel
Loading ...
Delen op Digg Aandeel
Deel op Reddit Aandeel
Loading ...
Delen op StumbleUpon Aandeel
Loading ...