TechAdvisory.org

Technology Advice for Small Businesses

HP laptop users beware: keylogger found

You might be entering credit card details on a website to purchase something online or filling in your personal information to subscribe to a service, thinking you’re safe behind the keyboard. And you probably are — if the computer you’re using doesn’t have a keylogger installed. But for HP laptop users, chances are they aren’t so lucky. Read on to see why.

What are keyloggers?

Keyloggers are hardware devices or software programs that record every key you press on your computer’s keyboard. Most keyloggers can also capture screenshots and send them to a remote computer where someone is waiting to see what you’re up to.

And why does this matter? Because hackers can steal your usernames and passwords, keep track of the messages you send via instant messaging apps or emails, and other personal information you disclose on online forms. Imagine what they can do with all that data.

A keylogger spotted on hundreds of HP laptops

In early December, a security researcher discovered a keylogger pre-installed on an HP laptop. This led to the revelation that more than 460 HP laptop models, including ProBook, Pavilion, EliteBook, and the Envy line include the Synaptics touchpad driver — which can be used as a keylogger.

Even though the keylogger on those HP laptops isn’t activated by default, an attacker who gains access to your laptop can enable it without much difficulty. HP themselves said the keylogger code had been added to the software by mistake and they’ve since released patches to fix the issue.

What should HP laptop users do?

If you own an HP laptop, check whether you’re affected by referring to this full list of affected models. If your laptop model is on the list, click on the link provided on the right side of the model name and download the security patch immediately to remove the keylogger from your computer.

How to protect yourself from keyloggers

The standard security measures — which you should be taking to heart and keeping up to date — can help protect you from keyloggers. You should avoid suspicious websites and never download files from them, and take extra care when opening attachments, text messages, or social media links from unknown senders since they can be embedded with a keylogger.

You should also have antivirus software installed and keep it up to date. Most antivirus software nowadays has already added keyloggers to their databases. It’s also good to be aware of the latest security patches from your hardware manufacturers and software developers since they’re made to fix current vulnerabilities.

And to make things even more secure, consider using one-time passwords and two-step verifications when you need to log in to important online services, such as those related to personal finance or services that require sensitive personal data.

Need more tips and tricks on how to protect yourself and your business from cyber espionage? Talk to our security experts today. They will be more than happy to explain IT security issues to you in plain English!