HP Keylogger: Security Firm Finds Keylogger Installed In HP Audio Driver
The audio driver installed on some laptops from HP contain a keylogger that records all of a user’s keystrokes and stores the information in a way that could be compromised easily, security company Modzero reported.
The Switzerland-based cybersecurity firm first discovered the keylogger, which is found in Conexant HD Audio Driver Package versions 1.0.0.46 and earlier, on April 28 and publicly disclosed its findings Thursday.
Read: How To Use FlexiKiller: New Tool Identifies, Removes Spying Software on Mac, Windows
Within the audio driver, which comes preinstalled on several models of HP laptops, is a file called MicTray64.exe. The executable starts every time a user logs into their computer and “monitors all keystrokes made by the user.”
According to Modzero, this practice is done by the audio driver to “capture and react to functions” as a user interacts with buttons on the keyboard such as volume controls or the mute/unmute button.
This practice is relatively common and on its own, not necessarily something for users to worry about. What is troubling about audio driver’s MicTray64.exe file is the way it stores all of the keystrokes it records.
The driver stores the user’s keystrokes in a local file, which can expose a user’s full keystroke data — including passwords, communications logs, web history and other sensitive data — to anyone who knows where to find the audio driver’s log.
The audio driver will also pass all keystrokes through a local application program interface (API) named OutputDebugString API. If infected by malware or otherwise compromised, the API could effectively perform real-time keystroke monitoring for any malicious actor.
Read: Is Your Smartphone Spying On You? Phone Cameras, Microphones At Risk Of Hacking, Expert Says
According to Modzero, the potential exploit is present on most Windows 7 and Windows 10 systems. There are 28 HP laptops that have been confirmed to use the Conexant HD audio driver package that contains the MicTray64.exe file, and other manufacturers that use the same audio driver may also be at risk.
The vulnerable devices from HP are listed below:
HP EliteBook 820 G3 Notebook PC
HP EliteBook 828 G3 Notebook PC
HP EliteBook 840 G3 Notebook PC
HP EliteBook 848 G3 Notebook PC
HP EliteBook 850 G3 Notebook PC
HP ProBook 640 G2 Notebook PC
HP ProBook 650 G2 Notebook PC
HP ProBook 645 G2 Notebook PC
HP ProBook 655 G2 Notebook PC
HP ProBook 450 G3 Notebook PC
HP ProBook 430 G3 Notebook PC
HP ProBook 440 G3 Notebook PC
HP ProBook 446 G3 Notebook PC
HP ProBook 470 G3 Notebook PC
HP ProBook 455 G3 Notebook PC
HP EliteBook 725 G3 Notebook PC
HP EliteBook 745 G3 Notebook PC
HP EliteBook 755 G3 Notebook PC
HP EliteBook 1030 G1 Notebook PC
HP ZBook 15u G3 Mobile Workstation
HP Elite x2 1012 G1 Tablet
HP Elite x2 1012 G1 with Travel Keyboard
HP Elite x2 1012 G1 Advanced Keyboard
HP EliteBook Folio 1040 G3 Notebook PC
HP ZBook 17 G3 Mobile Workstation
HP ZBook 15 G3 Mobile Workstation
HP ZBook Studio G3 Mobile Workstation
HP EliteBook Folio G1 Notebook PC
© Copyright IBTimes 2024. All rights reserved.
-
Win The Vote But Still Lose? Behold America's Electoral College
-
From Abortion To Bobcat Hunting: US Vote Not Just For President
-
Thousands Protest Alleged Election Fraud In Georgia
-
US Fines Chipmaker $500,000 For Selling To Blacklisted Chinese Company
-
Ikea Paying $6.5 Million To East German Prisoners Forced To Make Their Furniture
-
Speaker Mike Johnson Again Opens Door Wide Open To Blocking A Harris Victory
-
Rivals Race To Tape As US Election Heads To Photo Finish
-
Officials Stepping Up Security For Election Workers Amid Ongoing Threats: Report
-
Nailed! North Dakota Governor Caught In Embarrassing Double Standard In 'Garbage' Attack
-
Trump Defends Puerto Rico 'Island Of Garbage' Comedian For Making 'One Little Joke'
