Built-In Keylogger Flora Inwards Mantistek Gk2 Keyboards—Sends Information To China

"The correct keyboard tin lavatory brand all the divergence betwixt a victory as well as a defeat inwards a video game battlefield."

If y'all are a gamer, y'all tin lavatory relate to the higher upward quote.

But what if your winning weapon betrays you?

The pop 104-key Mantistek GK2 Mechanical Gaming Keyboard that costs but about €49.66 has allegedly been caught silently recording everything y'all type on your keyboard as well as sending them to a server maintained past times the Alibaba Group.

This built-in keylogger inwards Mantistek GK2 Mechanical Gaming Keyboard was noticed past times a few owners who headed on to an online forum to portion this issue.

According to Tom's Hardware, MantisTek keyboards utilise 'Cloud Driver' software, possibly for collecting analytic information, but has been caught sending sensitive information to servers tied to Alibaba.

After analysing to a greater extent than closely, Tom's Hardware squad establish that Mantistek keyboard does non include a full-fledged keylogger. Instead, it captures how many times a telephone commutation has been pressed as well as sending this information dorsum to online servers.

The affected users likewise provided a screenshot showing how all your plain-text keystrokes collected past times the keyboard are beingness uploaded to a Chinese server located at IP address: 47.90.52.88.

However, fifty-fifty if there's no malicious intent, capturing as well as uploading keystroke counts without users' consent violates trust as well as puts systems' safety at conduct chances past times leaking sensitive information.

Since Alibaba Group likewise sells cloud services similar Google as well as Amazon, this collected information is non necessarily beingness sent to the Alibaba itself, but individual who is using its cloud service.

Opening the IP address inwards inquiry direct into a spider web browser as well as on a Chinese login page, which translates to "Cloud mouse platform background management system" as well as is maintained past times Shenzhen Cytec Technology Co., Ltd.

Reportedly, the MantisTek keyboard's software sends the collected information to 2 destinations at that IP address:

• /cms/json/putkeyusedata.php
• /cms/json/putuserevent.php

The best agency to forbid your keyboard from sending your keystrokes to the Alibaba server is to halt using your Mantistek GK2 Mechanical Gaming Keyboard until y'all demand heed dorsum from the society nearly this issue.

If y'all cannot forbid yourself from using the keyboard, but desire to halt it from sending your telephone commutation presses to the Alibaba server, but brand certain the MantisTek Cloud Driver software is non running inwards the background, as well as block the CMS.exe executable inwards your firewall.

To block the CMS.exe executable, add together a novel firewall dominion for the MantisTek Cloud Driver inwards the "Windows Defender Firewall With Advanced Security."

Share This :