A Security researcher discovers pre-installed Keylogger on over 460 HP Laptop Models


A security researcher by the name of ZwClose on Twitter reported that he found a built-in keylogger on several Hewlett-Packard (HP) laptops and went public with his findings on his blog.

The keylogger that was found is embedded in the SynTP.sys file which is a part of the Synaptics touchpad driver that ships with HP laptops leaving around 460 HP laptop models vulnerable to exploits by hackers.

The keylogger component is disabled by default but hackers can exploit this by using available open source tools to bypassing the User Account Control (UAC) and setting a registry value to enable the keylogger.

Here’s the location of the registry key:

  • HKLM\Software\Synaptics\%ProductName%
  • HKLM\Software\Synaptics\%ProductName%\Default

ZwClose reported the keylogger component to HP last month and the company has acknowledged the presence of the keylogger claiming that it was a “debug trace” which was left by accident and has been removed.

HP released a Driver update for all affected HP laptops and a list of compromised HP laptops can be found on the HP Support website.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s