X

Are there keyloggers on Samsung laptops? (UPDATE: No, there aren't)

Researcher says he found keylogging software on two new Samsung laptops and went public after getting no response from Samsung spokespeople for a week. Samsung says the report is erroneous.

Elinor Mills Former Staff Writer
Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.
See full bio
Elinor Mills
2 min read

Updated 9:35 a.m. PT on March 31: We've published a followup article noting that Samsung has been cleared of these allegations. It turns out that a misfiring anti-virus program called VIPRE, made by GFI Software, falsely identified a Microsoft Windows directory as malicious software.

The Samsung R540, one of two models a security researcher claims came loaded with keylogging software.
The Samsung R540, one of two models a security researcher claims came loaded with keylogging software. Samsung

A security researcher says he discovered keylogging software installed on two brand-new Samsung laptops that could be used to monitor all activities on the computer remotely.

Mohamed Hassan, founder of NetSec Consulting, discovered StarLogger software on Samsung laptops with model numbers R525 and 540 after running security scanning software on the systems when he bought them last month, he writes in a guest column in Network World posted today.

Windows-based StarLogger starts up when the computer is turned on, records all keystrokes made on the computer, can be difficult to detect, and can be set to periodically send surreptitious e-mails with information gleaned from the computer to a predetermined e-mail address, with screen capture images attached.

A Samsung representative told CNET this afternoon that the company would looking into the matter. Late this evening, Samsung Australia said in a statement that the keylogger reports were "not true. Our findings indicate that the person mentioned in the article used a security program called VIPRE [antivirus software] that mistook a folder created by Microsoft Live Application for...key logging software, during a virus scan."

Hassan said when he called and logged an incident report with Samsung on March 1, support personnel initially denied that keylogging software was on Samsung laptops and then referred him to Microsoft, saying "all Samsung did was manufacture the hardware," he writes. Eventually, a supervisor got on the phone and confirmed that Samsung put the software on the laptop to monitor machine performance "and to find out how it is being used."

"In other words, Samsung wanted to gather usage data without obtaining consent from laptop owners," Hassan wrote.

Related:
How to detect and remove StarLogger

He said he contacted three public relations representatives at Samsung for comment and went public with the matter after they failed to reply after one week.

The incident could incur the wrath of customers similar to the backlash that occurred after Sony BMG Music Entertainment sold copy-protected compact discs that installed so-called rootkit software hidden inside computers in 2005. Sony was forced to recall 4.7 million of the discs.

Updated 11:45 p.m. PT with Samsung comment and at 2:44 p.m. PT to reflect that CNET Reviews was unable to find the keylogger on a Samsung Series 9 laptop.