from the that's-not-going-to-go-over-well dept
See update at the bottom
According to a report by Mohamed Hassan at Network World, Samsung has been installing secret keyloggers on laptops. After setting up a new laptop, he ran a scan and found an installation of StarLogger, a commercial keylogger program. It’s a rather nefarious piece of software:
This key logger is completely undetectable and starts up whenever your computer starts up. See everything being typed: emails, messages, documents, web pages, usernames, passwords, and more. StarLogger can email its results at specified intervals to any email address undetected so you don’t even have to be at the computer your[sic] are monitoring to get the information. The screen capture images can also be attached automatically to the emails as well as automatically deleted.
Hassan claims to have found the same keylogger on two separate laptops from Samsung, and after calling the company, finally had a supervisor claim that the company did it to monitor usage:
On March 1, 2011, I called and logged incident 2101163379 with Samsung Support (SS). First, as Sony BMG did six years ago, the SS personnel denied the presence of such software on its laptops. After having been informed of the two models where the software was found and the location, SS changed its story by referring the author to Microsoft since “all Samsung did was to manufacture the hardware.” When told that did not make sense, SS personnel relented and escalated the incident to one of the support supervisors.
The supervisor who spoke with me was not sure how this software ended up in the new laptop thus put me on hold. He confirmed that yes, Samsung did knowingly put this software on the laptop to, as he put it, “monitor the performance of the machine and to find out how it is being used.”
Of course, it’s entirely possible that the supervisor was confused as well. Frankly, like some others, I find it hard to believe that Samsung corporate policy could be so clueless as to install secret keyloggers on all laptops. If it is true, however, I imagine the company will be facing one hell of a lawsuit in the very near future.
Update: It looks like my skepticism on this story may have been justified. Samsung is claiming that the researcher got a false positive, and confused a language folder for a keylogger:
“Our findings indicate that the person mentioned in the article used a security program called VIPRE that mistook a folder created by Microsoft’s Live Application for a key logging software, during a virus scan.
“The confusion arose because VIPRE mistook Microsoft’s Live Application multi-language support folder, labelled ‘SL,’ as StarLogger. Depending on the language, under C:\Windows folders are created labelled ‘SL’ for Slovene, ‘KO’ for Korean, ‘EN’ for English.”