Home / Tech News / Hundreds of HP computer models carry a deactivated keylogger

Hundreds of HP computer models carry a deactivated keylogger



In November, a computer programmer spotted some strange code while trying to control a backlit keyboard on a Hewlett-Packard laptop.

It was a keylogger — which if turned on by a hacker is capable of monitoring every keystroke you type and save this activity to a file. It’s a common hacking technique used to steal passwords, as Google recently noted in its year-long study on computer security. 



In this case, the code was not turned on, but TechCrunch nonetheless reported on programmer Michael Myng’s blog post about finding the deactivated keylogger. In his memo, Myng wrote that he notified HP of the presence of the keylogger’s presence.

So, I messaged HP about the finding. They replied terrificly fast, confirmed the presence of the keylogger (which actually was a debug trace) and released an update that removes the trace.

Myng calls this piece of code a “debug trace,” a tool commonly used by software companies to “trace” a problem or bug, suggesting this code wasn’t put there with any malicious intent — either by HP or anyone else. 

For HP users that want to rid their computers of this keylogger — should a hacker gain physical access to their computer and turn it on — HP’s fix (issued on Nov. 7) can be found on their site here, along with an extremely long list of affected models. 

In their fix, HP notes that a “potential security vulnerability has been identified” and HP has no “access to customer data as a result of this issue.”

Mashable contacted HP for comment and will update this post upon hearing back.

Https%3a%2f%2fvdist.aws.mashable.com%2fcms%2f2017%2f12%2fe76fcdc4 ed41 036e%2fthumb%2f00001



Check Also

Giphy builds transparent GIF library for Instagram Stories

Instagram now lets some users slap background-less GIFs sourced from Giphy onto their Instagram Stories. …

Leave a Reply

Your email address will not be published. Required fields are marked *