The Little Secret of Sound Cards in HP Laptops

by Dhiram Shah

HP sells a large variety of equipment, including several dozens of laptops and tablets. As it recently turned out, the drivers that are supplied by the company for their devices contain a built-in keylogger. We are talking about the drivers for the sound card. Keylogger captures all keystrokes of the user and saves the received data in an encrypted file on the hard disk of the computer.

By the way, this is not the development of cybercriminals, as it seems at first glance, but it is official software. The manufacturer of the driver is not HP but its partner, the audio chip provider Conexant. One of the driver components, the MicTray64.exe element, tracks and records the keystrokes of a user on a computer or laptop with the driver installed.

This component monitors the keystrokes of users in order to catch a special combination of buttons. It’s about the so-called “hot keys”, which are used to control the driver and various sound parameters. But the fact that the component does not do anything bad does not negate the fact that it’s a pure keylogger. And the use of such software without the knowledge of the user is not just unethical, it pulls on intrusion into personal space. It’s interesting that the component we are talking about has become a part of the sound driver since … 2015 year! It turns out that for about two years the sound drivers for HP laptops were produced with an integrated official (!) keylogger.

The file where the keyboard buttons are recorded is located at C: \ Users \ Public \ MicTray.log (you can check if this file exists, since you have a laptop from HP). Its contents are overwritten each time the PC is restarted. But there are many options when the system does not reset the file. In addition, if you configured the archivation in Windows, MicTray.log with all the data will be saved in the archive. You can easily find and view the contents.

Is This Keylogger Dangerous for Me?

According to experts on cybersecurity, this component of the audio driver makes it easy for an attacker to obtain user data. Yes, the contents of the file are encrypted, but recovering the data from the file is not difficult. Users of laptops from HP are not at all aware of the fact that their data is written to the file in such an uncomplicated way. This is not mentioned anywhere. And for a keylogger there is no difference in what kind of data it is – coursework or access to a bank account.

There are great opportunities for the attackers. You can steal a file with saved clicks in different ways. And you can create software that will connect to the driver API for saving and later transferring information.

As for HP, its representatives have already familiarized themselves with the problem and stated that the employees will eliminate the problem in the near future. “We found a solution and we will make it available for our users,” said the company.

We publish this material because we love the truth. And it is often hushed up, especially by giant corporations and manufacturers of modern gadgets. If you want to support our endeavors, read another article that informs much about Russian singles. Today, this topic is no less relevant than technology!

Leave a comment