PRIVACY: Some HP laptops are hiding a deactivated keylogger.

“Some time ago someone asked me if I can figure out how to control HP’s laptop keyboard backlight,” wrote Myng. “I asked for the keyboard driver SynTP.sys, opened it in IDA, and after some browsing noticed a few interesting strings.”

The strings led to something that appeared to be a hidden keylogger – a program that sends typed characters to an attacker – in a Synaptics device driver. Given that the decompiled code prepared and sent key presses to an unnamed target, Myng was fairly certain he had something interesting on his hands.

Luckily, HP responded quickly.

“I tried to find HP laptop for rent and asked a few communities about that but got almost no replies,” he said. “One guy even thought that I am a thief trying to rob someone. So, I messaged HP about the finding. They replied terrifically fast, confirmed the presence of the keylogger (which actually was a debug trace) and released an update that removes the trace.”

Good on HP for a quick fix, but how did they release a laptop with a dormant keylogger installed?