This post was originally published on this site is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to

Researcher Michael Myng found a deactivated keylogger in a piece of software found on over 460 HP laptop models. A full list of affected laptops is here. The keylogger is deactivated by default but could represent a privacy concern if an attacker has physical access to the computer.

“Some time ago someone asked me if I can figure out how to control HP’s laptop keyboard backlight,” wrote Myng. “I asked for the keyboard driver SynTP.sys, opened it in IDA, and after some browsing noticed a few interesting strings.”

The strings led to something that appeared to be a hidden keylogger – a program that sends typed characters to an attacker – in a Synaptics device driver. Given that the decompiled code prepared and sent key presses to an unnamed target, Myng was fairly certain he had something interesting on his hands.

Luckily, HP responded quickly.

“I tried to find HP laptop for rent and asked a few communities about that but got almost no replies,” he said. “One guy even thought that I am a thief trying to rob someone. So, I messaged HP about the finding. They replied terrifically fast, confirmed the presence of the keylogger (which actually was a debug trace) and released an update that removes the trace.”

The bottom line? Update your HP laptop as soon as possible. If you are on HP’s list of affected laptops you can download the fix here.

At L Technology Group, we know technology alone will not protect us from the risks associated with in cyberspace. Hackers, Nation States like Russia and China along with “Bob” in HR opening that email, are all real threats to your organization. Defending against these threats requires a new strategy that incorporates not only technology, but also intelligent personnel who, eats and breaths cybersecurity. Together with proven processes and techniques combines for an advanced next-generation security solution. Since 2008 L Technology Group has develop people, processes and technology to combat the ever changing threat landscape that businesses face day to day.

Call Toll Free (855) 999-6425 for a FREE Consultation from L Technology Group,