Jump to content
Fi8sVrs

MantisTek GK2's Keylogger Is A Warning Against Cheap Gadgets

Recommended Posts

  • Active Members
Posted

aHR0cDovL21lZGlhLmJlc3RvZm1pY3JvLmNvbS82

 

Multiple online user reports claim that the MantisTek GK2 mechanical keyboard's configuration software is sending data to an Alibaba server. One of the reports even includes an analysis of the software’s traffic, which seems to include typed keys.

The MantisTek GK2 is a cheap RGB mechanical keyboard from China that costs half as much (or less) as the mechanical keyboards from better known companies. Multiple gadgets that come from China seem to have either poor security or privacy issues caused by collecting user data without consumers' explicit permission. The MantisTek GK2 seems to be one of those products.

The main issue seems to be caused by the keyboard’s “Cloud Driver,” which sends information to IP addresses tied to Alibaba servers. Alibaba sells cloud services, so the data isn’t necessarily being sent to Alibaba, the company, but to someone else using an Alibaba server.

aHR0cDovL21lZGlhLmJlc3RvZm1pY3JvLmNvbS82

 

The data being sent—in plaintext, no less—has been identified as key presses. This should worry people who bought this keyboard, because that could include email addresses, logins, and even passwords they may have typed at one point or another.

 

How To Stop The Keylogger

The first way to stop the keyboard from sending your key presses to the Alibaba server is to ensure the MantisTek Cloud Driver software isn’t running in the background.

The second method to stop the data collection is to block the CMS.exe executable in your firewall. You could do this by adding a new firewall rule for the MantisTek Cloud Driver in the “Windows Defender Firewall With Advanced Security.”

If you want a one-click method, you can also download the free GlassWire network monitoring tool. GlassWire will show you all the apps making connections to the internet in the “Alerts” tab and let you block those connections in the “Firewall” tab. It can also be used for other types of connections, such as all the connections Windows 10 makes to Microsoft’s servers even when you have most or all data tracking disabled.

These days, most products are made in China, but usually some other local company acts as an intermediary to ensure that the product is developed to specification and without other "features" that shouldn't be there. However, this additional protection goes out of the window when people decide to purchase directly from Chinese manufacturers via Chinese marketplaces. Not all products are going to have privacy or security issues, but extra caution is warranted.

 

Via tomshardware.com

 

  • Like 1

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.



×
×
  • Create New...