Can a computer repair shop put keylogger/malware in your laptop?

I had to go to a repair shop to remove a swollen battery from my laptop. They did this and took maybe ten minutes or so. I did not see what the technician did. But i do have two ssds in the laptop. One is a 2.5inch sata ssd that is my main drive with everything in it. The other is a 32gb m.2 nvme cache drive i believe that came with this laptop a long time ago. I only use a bit of it to store music... thats all.


Now my main ssd drive, the 2.5 inch sata... it does have bitlocker enabled. Thus you need to enter the bitlocker pin and then after it, a windows 10 password as well to get access to my laptop. A while back i installed bitlocker because i read if someone has access to your laptop and no bitlocker or veracrypt, they can put malware on your laptop easily and when you use it... anything you type... the hacker could see it. I read there is a usb hack as well where if you are gone from your laptop for a minute, a hacker could plug the usb into your laptop for a minute, take it out... then you got malware. That is true right?


Now in my case, after they took battery out, i turned it on while plugged into a charger at the shop and it does turn on with no issue. Had to type in my bitlocker pin/password of course etc. Now my concern is... i read you could clone a ssd in minutes right? So if a shop cloned both of my ssds... then they have access to my hard drive? But my main drive which boots windows is encrypted. The other m.2 ssd which i dont use at all except to put some music there.. That is NOT encrypted by bitlocker though. Had forgot to do that before i went to shop because im pretty sure its only music files there... like no windows boot or anything like that... im pretty sure but not 100 percent sure.


Now i did malwarebyte free scan and windows defender scan and doesn't seem to be any threats. Well malware bytes did have detections but those were same detections from a while back so no concern about that.


Now my concern is... if a repair shop did clone my ssds... could they get into my ssd? Now i know they need my bitlocker pin and windows ten password, but i typed in my bitlocker pin while there so maybe cameras could see what i typed in? But if they had my bitlocker pin... they have access to my ssd right to open it? But even if they open it... i mean all they could view are my programs, well they can't open programs up like lastpass or axcrypt and things like that right?


Someone mentioned bitlocker is very secure but not 100 percent. Like there is always a backdoor somehow. So in my case, is there a backdoor if they cloned my ssd? Like even if they have my bitlocker pin, they can't turn on anything right? But my other concern is because my 32gb m.2 ssd drive was not encrypted... could they somehow infect that or affect my main 2.5 inch 250gb ssd drive? That is what i like to know here.

 

If you are this worried about security, why did you hand off your laptop to someone else?

 

Right, so you're worried about your sensitive data, hand out your computer to some stranger then come to an internet forum to complain and worry? Maybe next time remove your drives or have them remove them in front of you before handing out your laptop. Just a thought...

 

He's afraid of them finding the illegal websites he's visited and content he's downloaded, something that he has admitted to on this very forum.

 

Oh so this is the same person? I thought I had seen a similar themed thread here in recent memory

 

Well this is more closer to the truth at hand. Most people whom take to shop to repair they don't clone the drive unless your replacing it but repairs don't clone the drive. It's not in their interest to do this for "Privacy" and helps them nothing on the repair side.

 

You know that begs the question, how do you tell if you got key logger stuff in your system? I have always assumed that by default lol.

 

This also begs the question why would they do that if they are a reputable repair shop to start with. It's in their own interest to insure they provide the repairs without getting themselves into legal issue. Now if you give your computer to CIA/NSA/DHS consider it tracked for Life. Funny or not....if one is so worried that they will have Porn or worse then consider yourself warned because shops if in process of repairs or fixing - it popups on the screen they have the Legal authority to report it to the Authority.