Keyloggers are nasty bit things that have the prospective to take the credit history card numbers of you as well as everybody you care about. Usernames as well as passwords can be quickly stolen this way, so they’re a useful tool for the black hats out there. One would generally expect to discover a keylogger in a dodgy movie torrent or perhaps a keygen for pirated software, however this week a keylogger was discovered in an audio driver for an HP laptop.
The logger was discovered by Swiss security researchers modzero. The Conexant HD Audio driver bundle version 1.0.0.46 as well as earlier obviously logs keystrokes in order to screen things like the laptop’s volume up as well as down keys. The genuine killer right here is that it feels the requirement to log all keystrokes detected to a readily accessible file, for reasons we can’t potentially fathom. It’s a big security risk, but it doesn’t stop there – the driver likewise subjects the keystrokes with an API as well, creating an even wider assault surface for malicious actors. One can in principle gain access to the keystroke log remotely.
There’s no word from the business yet, however we truly want to understand – why save the keystrokes to a data at all? Code left over from debugging, perhaps? Speculate in the comments.