Home Security Keylogger found on many HP Windows laptops

Keylogger found on many HP Windows laptops

A Swiss researcher has discovered a keylogger in an audio driver on many Windows laptops made by HP Inc.

The software in question has been developed and digitally signed by Conexant, a  manufacturer of integrated circuits, that has emerged from an American armaments maker.

The researcher, Thorsten Schroeder, said the purpose of the software was to recognise whether a special key had been pressed or released.

"Instead, however, the developer has introduced a number of diagnostic and debugging features to ensure that all keystrokes are either broadcasted through a debugging interface or written to a log file in a public directory on the hard-drive," Schroeder wrote.

"This type of debugging turns the audio driver effectively into a keylogging spyware. On the basis of meta-information of the files, this keylogger has already existed on HP computers since at least Christmas 2015."

The latest version of this software, which is known as MicTray, logs all keystrokes into a file that is publicly readable - C:\Users\Public\MicTray.log.

Schroeder said although the file was overwritten after each login, its content could be easily monitored by running processes or forensic tools.

"If you regularly make incremental backups of your hard-drive — whether in the cloud or on an external hard drive — a history of all keystrokes of the last few years could probably be found in your backups."

While he said there was no evidence that the keylogger had been intentionally implemented, it was negligence on the part of the developers. This, however, did not reduce the harm that could be caused by the software.

"If the developer would just disable all logging, using debug-logs only in the development environment, there wouldn't be problems with the confidentiality of the data of any user," Schroeder said.

While he sought reactions from HP Inc and Conexant, neither company was forthcoming with a response.

The hardware models and operating systems affected are:

Models affected

  • HP EliteBook 820 G3 Notebook PC
  • HP EliteBook 828 G3 Notebook PC
  • HP EliteBook 840 G3 Notebook PC
  • HP EliteBook 848 G3 Notebook PC
  • HP EliteBook 850 G3 Notebook PC
  • HP ProBook 640 G2 Notebook PC
  • HP ProBook 650 G2 Notebook PC
  • HP ProBook 645 G2 Notebook PC
  • HP ProBook 655 G2 Notebook PC
  • HP ProBook 450 G3 Notebook PC
  • HP ProBook 430 G3 Notebook PC
  • HP ProBook 440 G3 Notebook PC
  • HP ProBook 446 G3 Notebook PC
  • HP ProBook 470 G3 Notebook PC
  • HP ProBook 455 G3 Notebook PC
  • HP EliteBook 725 G3 Notebook PC
  • HP EliteBook 745 G3 Notebook PC
  • HP EliteBook 755 G3 Notebook PC
  • HP EliteBook 1030 G1 Notebook PC
  • HP ZBook 15u G3 Mobile Workstation
  • HP Elite x2 1012 G1 Tablet
  • HP Elite x2 1012 G1 with Travel Keyboard
  • HP Elite x2 1012 G1 Advanced Keyboard
  • HP EliteBook Folio 1040 G3 Notebook PC
  • HP ZBook 17 G3 Mobile Workstation
  • HP ZBook 15 G3 Mobile Workstation
  • HP ZBook Studio G3 Mobile Workstation
  • HP EliteBook Folio G1 Notebook PC

Operating systems affected

  • Microsoft Windows 10 32
  • Microsoft Windows 10 64
  • Microsoft Windows 10 IOT Enterprise 32-Bit (x86)
  • Microsoft Windows 10 IOT Enterprise 64-Bit (x86)
  • Microsoft Windows 7 Enterprise 32 Edition
  • Microsoft Windows 7 Enterprise 64 Edition
  • Microsoft Windows 7 Home Basic 32 Edition
  • Microsoft Windows 7 Home Basic 64 Edition
  • Microsoft Windows 7 Home Premium 32 Edition
  • Microsoft Windows 7 Home Premium 64 Edition
  • Microsoft Windows 7 Professional 32 Edition
  • Microsoft Windows 7 Professional 64 Edition
  • Microsoft Windows 7 Starter 32 Edition
  • Microsoft Windows 7 Ultimate 32 Edition
  • Microsoft Windows 7 Ultimate 64 Edition
  • Microsoft Windows Embedded Standard 7 32
  • Microsoft Windows Embedded Standard 7E 32-Bit

LEARN HOW TO BE A SUCCESSFUL MVNO

Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service

DOWNLOAD NOW!

Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.