What is keylogging?
It is software that covertly tracks, or logs, the keys struck on your keyboard. Its purpose is to collect sensitive material such as account numbers, PIN codes, passwords etc.
Although there are legitimate uses for keylogging (e.g. parents monitoring children’s activities), they pose a serious threat. They enable cybercriminals to gain access to your sensitive information. This could lead to the loss of your money or identity.
It spreads in much the same way as other malicious programs – through opening an attachment received via email, social network, text etc., or through an infected website.
How was it discovered pre-installed on hundreds of HP laptop models?
It was security researcher Michael Myng who found the keylogging code in software drivers preinstalled on HP laptops to make the keyboard work.
According to the BBC, the “potential security vulnerability” is affecting more than 460 models of HP laptops. However, the release of a software patch will remove the keylogger.
He discovered it when inspecting Synaptics Touchpad software. Although disabled by default, an attacker with access to the computer can enable it to record what a user is typing.
How do I know if I’m at risk?
The issue affects laptops in the EliteBook, ProBook, Pavilion and Envy ranges, among others. You can find a full list of affected devices, dating back to 2012, by clicking here.
In a statement, the company said:
“HP uses Synaptics’ touchpads in some of its mobile PCs and has worked with Synaptics to provide fixes to their error for impacted HP systems, available via the security bulletin on HP.com.”
The BBC also reported that in May, a similar keylogger was discovered in the audio drivers pre-installed on several HP laptop models.