If the file doesn't exist or a registry key containing this file's path does not exist or was corrupted, the audio driver will pass all keystrokes to a local API, named the OutputDebugString API. The problem is that this file writes all keystrokes to a local file at: C:\users\public\MicTray.log Audio driver also exposes keystrokes in real-time via local API This behavior, by itself, is not a problem, as many other apps work this way. According to modzero researchers, the file "monitors all keystrokes made by the user to capture and react to functions such as microphone mute/unmute keys/hotkeys." This file is registered to start via a Scheduled Task every time the user logs into his computer. One of the files of this audio driver is MicTray64.exe ( C:\windows\system32\mictray64.exe). This is an audio driver that is preinstalled on HP laptops. Keylogger found in preinstalled audio driverĪccording to researchers, the keylogger feature was discovered in the Conexant HD Audio Driver Package version 1.0.0.46 and earlier. Swiss cyber-security firm modzero discovered the keylogger on April 28 and made its findings public today. The audio driver installed on some HP laptops includes a feature that could best be described as a keylogger, which records all the user's keystrokes and saves the information to a local file, accessible to anyone or any third-party software or malware that knows where to look.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |