In today’s digital world, the security of sensitive data is becoming a matter of concern. The attackers are always active to trace activities and information of victims, therefore everyone should need to keep an eye on security essentials and prevents unauthorized access to his/her important data.

China’s MantisTek GK2 mechanical gaming keyboards record the keystrokes without the consent of the users and send the key logs to the server maintained by Alibaba Group.

Some of the users were claiming that the built-in keylogger sends data to the Chinese server, but after more analyses, it is detected that only the information regarding the number of keys pressed, is being transferred.

MantisTek GK2 mechanical gaming keyboard keylogger

Recommended: Download Anti Keylogger Software KeyScrambler to Enhance Security

However, the intention of collecting users’ data is not clear yet, still, the silent Keylogger of MantisTek GK2 keyboard is violating security terms. Perhaps the company wants to check the performance of the keyboards rather than misusing the data.

As per Tom’s Hardware, “The main issue seems to be caused by the keyboard’s “Cloud Driver,” which sends information to IP addresses tied to Alibaba servers. Alibaba sells cloud services, so the data isn’t necessarily being sent to Alibaba, the company, but to someone else using an Alibaba server.”

The two IP addresses (“/cms/json/putkeyusedata.php” and “/cms/json/putuserevent.php”) are identified for the destination where MantisTek GK2 keyboard’s software is sending key logs data. Screenshot, uploaded by the affected user, is self-explanatory.

MantisTek GK2 keylogger data screenshot

Due to the wide range of malicious activities spreading throughout the world, the users are not suggested to use cheap and non-branded gadgets. If you are also using MantisTek GK2 keyboard, either change your keyboard or prevent this Chinese keyboard passing your sensitive information. For this, make sure that MantisTek Cloud Driver software isn’t running in the background. On the other hand, you can stop unwanted key logging by blocking CMS.exe in the firewall.



Please enter your comment!
Please enter your name here