The keylogger that was found is embedded in the SynTP.sys file which is a part of the Synaptics touchpad driver that ships with HP laptops leaving around 460 HP laptop models vulnerable to exploits by hackers.
The keylogger component is disabled by default but hackers can exploit this by using available open source tools to bypassing the User Account Control (UAC) and setting a registry value to enable the keylogger.
Here’s the location of the registry key:
ZwClose reported the keylogger component to HP last month and the company has acknowledged the presence of the keylogger claiming that it was a “debug trace” which was left by accident and has been removed.
HP released a Driver update for all affected HP laptops and a list of compromised HP laptops can be found on the HP Support website.
Categories: Cybersecurity News