The Mantistek GK2 gaming keyboard is a popular keyboard in the gaming community however, it has been seen that the keyboard has been silently recording key strokes and sending them to a server that is maintained by the Alibaba Group.
The Alibaba Group is a Chinese e-commerce company that provides consumer to consumer, business to consumer, and business to business sales via web portals.
The keylogger was first noticed when a few users who own the keyboard went to an online forum to share the issue. According to Tom’s Hardware “MantisTek keyboards utilise ‘Cloud Driver’ software, maybe for collecting analytic information, but has been caught sending sensitive information to servers tied to Alibaba.”
After further research it has shown that the information that’s being collected can be sent to a user that is using the Alibaba service.
Users are recommended to stop using the keyboard, make sure that the MantisTek cloud driver software is not running in the background, and block the “CMS.exe” executable in your firewall.
Our Counterintelligence Team gathers information and conducts operations to identify threats to an organization so that they can better protect against malicious activity. We accomplish this by combining advanced technology with skilled and experienced intelligence specialists. Our goal is to protect your data, your brand and your people.