[SingCERT] Alert on HP Notebook Keylogger

Published on Tuesday, 12 December 2017 19:56

Background

A keylogger*-type feature was found in the Synaptics touchpad driver installed in numerous HP notebook models. Although this feature is disabled by default, an attacker with local administrative rights could still obtain the keystrokes by modifying the system to enable the keylogger feature on an affected notebook.

*A keylogger is a type of surveillance technology used to monitor and record each keystroke typed on a specific computer’s keyboard.

Affected Products

The list of affected models includes HP's 25*, mt**, 15*, OMEN, ENVY, Pavilion, Stream, ZBook, EliteBook, and ProBook series, along with several Compaq models.

A complete list of the 475 affected models can be found here.

Impact

An attacker who has successfully enabled the feature could capture sensitive information such as login credentials and credit card numbers.

Recommendations

Users of affected products are advised to install the latest patch via https://support.hp.com/us-en/document/c05827409.

References

https://www.bleepingcomputer.com/news/hardware/keylogger-found-in-hp-notebook-keyboard-driver/

https://www.cnet.com/how-to/how-to-remove-the-keylogger-from-your-hp-laptop/