HP has an awful history of 'accidentally' leaving keyloggers onto its customers' laptops. At least two times this year, HP laptops were caught with pre-installed keylogger or spyware applications.
A security researcher discovered a keylogger in several Hewlett-Packard (HP) laptops that could allow hackers to record your every keystroke and steal sensitive data, including passwords, account information, and credit card details.
The Keylogger was found embedded in the SynTP.sys file, a part of Synaptics touchpad driver that ships with HP notebook computers, leaving more than 460 HP Notebook models vulnerable to hackers.
Although the keylogger component is disabled by default, hackers can make use of available open source tools for bypassing User Account Control (UAC) to enable built-in keylogger "by setting a registry value."
Here’s the location of the registry key:
The researcher reported the keylogger component to HP last month, and the company acknowledges the presence of keylogger, saying it was actually "a debug trace" which was left accidentally, but has now been removed.
The company has released a Driver update for all the affected HP Notebook Models. If you own an HP laptop, you can look for updates for your model. The list of affected HP notebooks can be found at the HP Support website.