loading...

Built-in Key-logger Found in MantisTek GK2 Keyboards That Sends Data to Chinese servers

Gaming is a war and a gamer is a warrior. Gaming communities are Legions. Keyboards are shields, mice are swords, and joysticks are spears. Headphones are helmets.

There is no place for betrayal and price of such an act according to Spartan law is death.

The favourite 104-key Mantistek GK2 Mechanical Gaming Keyboard that costs around $57.75 has allegedly been caught silently saving all type on your keyboard and sending them to a server maintained by the Alibaba Group.

This built-in key logger in Mantistek GK2 Mechanical Gaming Keyboard was noticed with a few owners who headed to an online forum to talk about this issue.

Regarding to Tom’s Hardware, MantisTek keyboards utilise Cloud Driver software, for collecting analytic information maybe, but has been captured sending private information to servers linked with Alibaba.

After analysing more closely, Tom’s Hardware team discovered that Mantistek keyboard will not include a full-fledged key logger.

Instead, it catches how many times a key has been sending and pressed this data back again to online servers.

The affected users also provided a screenshot showing how all of your plain text keystrokes collected by the keyboard are being uploaded to a Chinese server located at IP address: 47.90.52.88.

However, even if there is no malicious intent, capturing and uploading keystroke counts without users consent violates trust and puts systems security in danger by leaking sensitive information.

Since Alibaba Group offers cloud services like Google and Amazon also, this collected information is not necessarily being sent to the Alibaba itself, but someone who is which consists of cloud service.

Starting the IP address in question straight into a browser and on a Chinese login page, which means “Cloud mouse platform record management system” and is managed by Shenzhen Cytec Technology Co., Ltd.

Reportedly, the MantisTek keyboard software sends the collected data to two destinations at that IP:

/cms/json/putkeyusedata.php

/cms/json/putuserevent.php

The best way to prevent your keyboard from sending your keystrokes to the Alibaba server is to avoid using your Mantistek GK2 Mechanical Gaming Keyboard until you hear back again from the company concerning this issue.

If you cannot prevent yourself from using the keyboard, but want to avoid it from sending your key presses to the Alibaba server, just make sure the MantisTek Cloud Driver software is not working in the background, and stop the CMS.exe executable in your firewall.

To stop the CMS.exe executable, add a new firewall guideline for the MantisTek Cloud Driver in the Windows Defender Firewall Wall with Advanced Security.

Leave a Reply

Your email address will not be published. Required fields are marked *

%d bloggers like this: