Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Chinese Keyboard Maker Caught Tracking Typed Keys on Customer’s Computers
#1
http://news.softpedia.com/news/chinese-k...8423.shtml        Chinese Keyboard Maker Caught Tracking Typed Keys on Customer’s Computers
MantisTek includes keylogger in keyboard software
Nov 7, 2017 12:10 GMT  ·  By Bogdan Popa  · 
Chinese mechanical keyboard manufacturer MantisTek has allegedly included keylogging capabilities in the software application offered to customers of its GK2 model.

Specifically developed to provide more customization options for RGB illumination and macros, the keyboard companion software can also track typed keys on the keyboard and send information to a server that’s being hosted on Alibaba Cloud.

A component described as “cloud driver” appears to be responsible for recording the keypresses and sending them to IP 47.90.52.88, with the data then stored in two different locations, namely /cms/json/putkeyusedata.php and /cms/json/putuserevent.php.

The worst thing is that the data is being transmitted unencrypted, which means that anyone who monitors the traffic of your Internet connection can intercept the logged information and see what you typed on the keyboard. Everything that is being typed on a MantisTek keyboard is being collected, including credit card information, personal data, and any other text that users input on websites or in documents.

Remove the software application
The weird thing is that trying to connect to the said IP address using a browser seems to point to a Chinese login page that also hosts a link to Browse Happy. The Chinese text on the page seems to point to a cloud mouse management system, so it could provide access to data collected by the keylogger.

At this point, there’s absolutely no official information on the keylogging capabilities of the software tool and MantisTek has obviously remained tight-lipped, but customers who purchased the said keyboard model are recommended to uninstall the companion application as soon as possible to make sure their keypresses aren’t logged and sent to the company.

Additionally, a firewall that can block the CMS.exe process can also help deal with the keylogger, though in this case users must be sure that all connections to the server are blocked.

As for those whose information has already been tracked, you better keep an eye on your bank accounts and personal details to detect any suspicious activity and report it to law enforcement.   Oh no Oh no Oh no Oh no Eek Eek Eek Eek
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  Flagstar Bank customer data breached through Accellion hack Bjyda 0 1,042 03-08-2021 , 11:11 PM
Last Post: Bjyda
  CNAME-based tracking increasingly used to bypass browsers’ anti-tracking defenses Bjyda 0 900 02-24-2021 , 11:40 PM
Last Post: Bjyda
  Baidu's Android Apps Caught Collecting and Leaking Sensitive User Data mrtrout 0 987 11-25-2020 , 10:08 AM
Last Post: mrtrout
  Amazon has recently terminated employees responsible for leaking customer data, mrtrout 0 938 11-02-2020 , 07:58 AM
Last Post: mrtrout
  Pharma Giant Pfizer Leaks Customer Prescription Info, Call Transcripts mrtrout 0 1,061 10-21-2020 , 06:24 AM
Last Post: mrtrout

Forum Jump:


Users browsing this thread: 1 Guest(s)