MantisTek GK2's Keylogger Is A Warning Against Cheap Gadgets (Updated)


12 bookmarks. First posted by diamondtin 11 days ago.


Updated, 11/7/2017, 8:40am PT: An earlier version of the article stated that the keyboard's software was sending key presses. However, in a closer look, it seems that the Cloud Driver software doesn't send the key presses to the Alibaba server but only how many times each key has been pressed. via Pocket
Pocket 
7 days ago by driptray
Lucian Armasu:
<p>Multiple online user reports claim that the MantisTek GK2 mechanical keyboard's configuration software is sending data to an Alibaba server. One of the reports even includes an analysis of the software’s traffic, which seems to include how many times keys have been pressed.

The MantisTek GK2 is a cheap RGB mechanical keyboard from China that costs half as much (or less) as the mechanical keyboards from better known companies. Multiple gadgets that come from China seem to have either poor security or privacy issues caused by collecting user data without consumers' explicit permission. The MantisTek GK2 seems to be one of those products.

The main issue seems to be caused by the keyboard’s “Cloud Driver,” which sends information to IP addresses tied to Alibaba servers. Alibaba sells cloud services, so the data isn’t necessarily being sent to Alibaba, the company, but to someone else using an Alibaba server.

The data being sent—in plaintext, no less— has been identified as a count on how many times keys have been pressed.

The first way to stop the keyboard from sending your key presses to the Alibaba server is to ensure the MantisTek Cloud Driver software isn’t running in the background.

The second method to stop the data collection is to block the CMS.exe executable in your firewall. You could do this by adding a new firewall rule for the MantisTek Cloud Driver in the “Windows Defender Firewall With Advanced Security.”</p>


"Yeah, just updating my firewall rules to stop it telling China what I type." The update does point out that it's only sending *how many* times the key was pressed - maybe to see key lifetimes or durability. But even so. Shouldn't do, especially not without very explicit permission.
hacker  keylogger  china 
8 days ago by charlesarthur
RT : 一款产自中国的廉价机械键盘,MantisTek GK2,驱动软件被发现内置了键盘记录软件(keylogger),会将记录上传到阿里云的一个地址。
from twitter
9 days ago by blacktulip
RT : God damn. Buy a cheap keyboard from China; it might turn out to have a keylogger installed
from twitter
10 days ago by thej
RT : God damn. Buy a cheap keyboard from China; it might turn out to have a keylogger installed
from twitter
10 days ago by clonezone
RT : God damn. Buy a cheap keyboard from China; it might turn out to have a keylogger installed
from twitter
10 days ago by iandick
RT : God damn. Buy a cheap keyboard from China; it might turn out to have a keylogger installed
from twitter
10 days ago by sujal
RT : God damn. Buy a cheap keyboard from China; it might turn out to have a keylogger installed
from twitter
10 days ago by akmassey
Cheap Chinese keyboards may also include a keylogger that sends all of your typing to some rando.
from twitter_favs
11 days ago by girma
The first way to stop the keyboard from sending your key presses to the Alibaba server is to <strike>ensure the MantisTek Cloud Driver software isn’t running in the background</strike> hurl it out of a window and set it on fire
keyboard  keylogger  hacker  security  internet_of_shit 
11 days ago by yorksranter
一款产自中国的廉价机械键盘,MantisTek GK2,驱动软件被发现内置了键盘记录软件(keylogger),会将记录上传到阿里云的一个地址。
from twitter_favs
11 days ago by diamondtin