|By Kramer Phillips | 3 years ago|
New details have emerged that technology employed by cyber criminals to gather sensitive information comes pre-installed on a range of laptop models.
Several models of notebooks sold by Hewlett Packard (HP) contain keystroke logging software. The software captures everything that is typed on the device’s keyboard.
The unprotected files used to store this information could be exploited by hackers to access private details like passwords and pin numbers.
The bug was first exposed in a briefing released on Friday by Swiss computer security consultancy ModZero.
The flaw is believed to affect 28 HP laptops on sale between 2015 and 2016.
The affected laptops include EliteBook, ProBook, and ZBook.
The keylogger is used by audio drivers to determine when the up and down volume controls buttons on the keyboard have been pressed.
But by storing the recorded details of each and every keystroke made in unencrypted plain text files has raised several security concerns and questions as to why the manufacturers designed the software in this manner.
Although the file recording the keystrokes is erased each time the device restarts, people with the required technical expertise can recover the deleted files.
And this could make it easier for hackers or other third parties to access everything written by users.
“There Is no evidence that this keylogger can be intentionally implemented. Obviously, it is a negligence of the developers – which makes the software less harmful,” ModZero said in a blog post.
And in a statement to MailOnline, a spokesperson for HP said that the company is committed to the security and privacy of its customers, and “we are aware of the keylogger issue on select HP PCs.
“Fixes will be available shortly via HP.com,” the statement from the tech company added.