In May 2017, a Swiss security firm discovered that more than two dozen “HP laptop models were recording users’ keystrokes”.
The keylogging software was in the PC’s audio driver existing since at least 2015. The driver was supposed to be alerted when a particular key on the PC was hit, but to do that the driver was capturing all keystrokes. Those keystrokes were also stored in an unencrypted file. Potentially exposing passwords, usernames, and private correspondence should the user get hacked.
In December 2017, another security researcher found a keylogger in the Synaptics touchpad driver for nearly 500 models of HP notebooks going back to 2012. Luckily, the December keylogger was disabled by default. In both cases the installation of the keylogger appeared to be inadvertent.
Want to discuss this case? You can purchase a 30 minute conference call with our analysts to discuss this case and the implications it has for your organisation. Just select the time and date that works for you: