Hiding malicious software inside hardware of all kinds is not a new practice. In fact, there have been several high-profile cases over the last couple of years with major companies having the dubious honor of participating in this mix of malware and spyware.
Now, it seems like owners of the GK2 Mechanical Gaming Keyboard from Mantistek have another reason to worry about their privacy as the device has been found to include keylogging software which has been sending typing data back to the company’s servers in China.
This time, the spy software was not discovered by experts or a dedicated security company but by a few suspicious users. Initially, users on Reddit and other online forums noticed that there was some network-based activity associated with the keyboard.
After digging further and checking the traffic with applications such as the Microsoft Message Analyzer, it was discovered that the keyboard was sending keyboard data to a server hosted on Alibaba’s cloud.
Apparently, Mantistek did not even try to hide this fact from more inquiring users as data logs are placed in plain sight within the keyboard’s software folders. The spyware works in an incredibly simple way too; it just records keystrokes and sends that data to the servers over an unencrypted connection.
Whether the software records all keystrokes or more generic typing data is still unknown. Tom’s Hardware, for instance, is claiming that the software is merely recording how many times keys on the keyboard have been pressed, which would mean that Mantistek is recording user data to better understand things like failure rates for its peripherals.
No matter the case, this is obviously a huge invasion of privacy that might even have bigger implications, considering that spying on unsuspecting users could even be considered as an act of espionage.
Such software can only be described as spyware, regardless of the exact type of data being recorded and transferred. Even if Mantistek merely wanted inconspicuous types of data, they could have made that clear to the users.
If you happen to own one of these keyboards, you do not have to trash it if you are concerned about your privacy. Instead, you can simply do one of these two things:
- Disable the keyboard’s software (Cloud Driver).
- Block Cloud Driver’s network access.
Both of these workarounds are enough to stop the software from recording and sending data, which should put your mind at relative ease.