Updated November 8, 2017: The MantisTek debacle continues, with Tom’s Hardware posting an update to their original article surrounding the potential keylogger. It seems that while the MantisTek’s ‘Cloud Driver’ does indeed transfer information to mysterious servers, it contains no actual key press data.
Looking to ditch your old keyboard - keylogger or otherwise - here are our top picks for the best gaming keyboards.
The data sent to Alibaba’s servers contains data regarding how many times each key has been pressed, rather than the key presses themselves. Assumedly, this data is used to ascertain key switch lifespan, although this is definitely a strange and long-winded product research technique.
This is still a large breach of privacy as MantisTek fail to ask the user to consent to the keylogger, regardless of its intended purpose. The software’s outgoing connection also opens up a possible window into the keyboard software for nefarious attacks attempting to get hold of user data. Even though your data seemingly isn’t on sale on the dark web just yet, most users are still going to have much more peace of mind with the software well and truly disabled.
Original story November 7, 2017: PC users likely have some degree of experience, or at least suspicion, regarding malicious software. We take all the necessary steps required to keep bad code from infiltrating our systems, but unbeknownst to some users, their own components may be the problem. The MantisTek GK2 mechanical keyboard comes with an added extra, free of charge - a keylogger.
The MantisTek GK2 is a mid-range mechanical keyboard on a budget, and while it may look like a bit of a bargain, it hides a dangerous secret. The board utilises ‘Cloud Driver’ software, and from here stems the privacy issues. Without user knowledge or consent, the board logs your keystrokes in plain text, including any and all information you may have inputted on the device, and sends them to unknown IP addresses.
Multiple users online, spotted by Tom’s Hardware, noticed that the software was sending off their information, and that it was reaching Chinese business e-commerce giant Alibaba. Alibaba offer a server hosting service, so it’s likely the private information is making it’s way to someone who is renting the service.
For any concerned MantisTek users, it’s easy enough to prevent the keylogger from sending your information out, but alongside this, it may also be a good time to change all of your passwords. To disable the keylogger, you should uninstall any of the software that came with the keyboard and block the CMS.exe executable from within Windows Firewall or your preferred option.
It’s always important to keep a tab on your outgoing connections, just to make sure no nefarious software is broadcasting your personal information to the world. However, for the most part, keeping an eye on what you install and that it’s squeaky clean will keep your computer virus and malware free.
Unfortunately, there will always be some unsuspecting PC user that will be caught out, and it’s likely that keyloggers like this one will continue to be included with the occasional software, and may end up slipping through the net - stay frosty, amigos.