Bitcoin Wallets at Risk due to Keylogger-embedded HP Laptop Audio Driver
A lot of Bitcoin and cryptocurrency users are concerned about the HP keylogger issues. A few days ago, someone discovered HP laptops came with a keylogger that captured keystrokes at all times. This is made possible thanks to an audio driver somehow logging this information. A very troublesome development, to say the least.
To put this entire story into perspective, a security researcher discovered a potentially malicious audio driver on various HP laptop models. It appears this driver is capable of recording very keystroke entered into the computer. Said keystrokes are then stored in a log file on the device. Anyone with malicious intent could use this log file to cause a lot of harm to the device owner in question.
The affected models include HP’s premium line of laptops, including the Elitebook, Probook, and ZBook models. Additionally, the company’s latest flagship laptop – known as the Folio G1 – comes with this malicious audio driver as well. Anyone who has local access to the user files on these machines – or gains remote access through malware – can obtain passwords, a history of visiting websites, private messages, and even Bitcoin wallet passwords.
Luckily, it appears HP has started to roll out software updates to remove the keylogger aspect of this audio driver in the past 24 hours. Additionally, upgrading to this new software will remove the log file stored on one’s computer as well. Unfortunately, it is still up to individual users to manually install this update, which could leave thousands of laptop users exposed. This is not good news for such a major laptop manufacturer by any means.
According to an official company statement, the keylogger feature was added “by accident” to the driver’s production code. It is rather unclear why HP would experiment with such a feature in the first place. Then again, various other manufacturers and software service providers use somewhat similar features to send feedback to the company at all times. It is good to see HP acknowledge this problem exists, rather than try to cover it up.
For Bitcoin wallet users, this could be quite a problematic development. Anyone using a bitcoin wallet client on one of the affected HP laptop models has potentially been exposed to have their wallet’s password stolen already. With the password – and the wallet.dat file – anyone could load the same wallet on a different machine and spend funds. It is unclear if any bitcoin users have been affected by this keylogger so far, although it is certainly possible.
It does not appear the keylogger feature was designed with malicious intent, though. Instead, it seems this driver is badly coded and aims to look for specific keystrokes. Unfortunately, it now means the software is capturing every key pressed on the keyboard. HP laptop users are advised to download the latest software update to address this situation.
If you liked this article, follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin, cryptocurrency, and technology news.