HP owners need to take immediate action after it was discovered “keylogging” software has been installed by default on more than 460 models of laptop. When enabled, this function could allow hackers to monitor and steal sensitive information like user names and passwords.
What is a keylogger?
A keylogger is a small application that runs in the background, monitoring and recording every pressed on your keyboard. The version installed on affected HP laptops has been bundled with the drivers needed to make the Synaptics touchpad work.
Keyloggers are a very popular form of malware, used by criminals to capture logon details from infected computers. They can then use those details to hack into online accounts to steal money or commit other fraudulent activities.
An honest mistake
Keyloggers do have a legitimate purpose too however. In the case of the HP bug, the keylogging function is used by the Synaptics development team to run various tests and ensure that hardware and software is operating correctly as it is being created.
Normally the keylogging functionality is removed before drivers are released to laptop manufacturers, but in this case it was not. So every machine issued with the buggy drivers also has the keylogger installed.
Don’t panic, but act now
Fortunately, the keylogging function is disabled by default – so your laptop is not currently collecting your sensitive personal data. However, should a hacker gain access to your machine, they can probably enable the logging software.
HP has released an updated set of drivers for laptop owners that removes the keylogging component completely. If you have one of the machines, you should download and install these new drivers (called softpaqs) as soon as possible. There is a list of affected models and download links here.
Increasing personal protection
Normally cybercriminals have to be more creative when installing keyloggers, using the same techniques they rely on for distributing malware and Trojans. These efforts can usually be detected and blocked with a good antimalware solution like Panda Gold.
Another useful tip is to avoid using your hardware keyboard whenever entering very sensitive data. Panda Security provide a ‘virtual keyboard’, where you click letters and numbers on the keyboard displayed on your screen, rather than tapping letters on the physical keyboard. Even if your machine does have an undetected keylogger installed, by avoiding the physical keyboard, it cannot capture anything entered on screen.
Keep your machine fully updated at all times
If your laptop has the option to accept and install manufacturer updates automatically, you should enable it immediately. That way, every software patch released by HP will be applied straight away, reducing the window of opportunity for hackers to compromise your machine – and your personal data.
Learn more about the Panda virtual keyboard and how to protect against keylogger malware by downloading a free trial of Panda Gold Protection today.