• Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
HackRead
  • December 12th, 2019
  • Home
  • About Us
  • Team
  • Advertise
  • Submit News
  • Privacy Policy
  • Contact Us
HackRead
  • Hacking News
    • Leaks
    • WikiLeaks
    • Anonymous
  • Tech
    • Android
    • Apple News
    • BlackBerry
    • Google News
    • Microsoft
    • Motorola
    • Nokia
    • Samsung
    • 3D
  • Cyber Crime
    • Phishing Scam
  • How To
  • Cyber Events
    • Censorship
    • Cyber Attacks
  • Security
    • Malware
  • Surveillance
    • Drones
    • NSA
    • Privacy
  • Explore
    • Gaming
    • Science
    • Viral
  • Follow us
    • Facebook
    • Twitter
    • Google+
    • Linkedin
    • Youtube
Home » Surveillance » Chinese Keyboard Developer Spies on User Through Built-in Keylogger

Chinese Keyboard Developer Spies on User Through Built-in Keylogger

November 8th, 2017 Waqas Privacy, Security, Surveillance 0 comments
Chinese Keyboard Developer Spies on User Through Built-in Keylogger
Share on FacebookShare on Twitter

A Chinese mechanical keyboard manufacturer MantisTek has been caught in the middle of a controversy in which it’s being blamed for spying on users through built-in keylogger in its GK2 model and sending the data to a server apparently hosted on Alibaba Cloud server.

The communication is happening over HTTP, not HTTPS which means the user data is being sent in completely unencrypted format and contains data collected through every keystroke a user presses. This means the company has access to everything user types but what’s important is that it also opens the door for other malicious actors who can access the unencrypted traffic and steal the data or spy on a targeted user.

This was revealed by a user RebeccaBlackTech forum (followed by a Reddit post) who noted that “MantisTek’s Cloud Driver” is responsible for sending the data to an IP address 47.90.52.88 linked to Alibaba.com LLC and stores it in /cms/json/putkeyusedata.php and /cms/json/putuserevent.php.

Chinese Keyboard Developer Spies on User Through Built-in Keylogger

Sent data analyzed by one of the GK2 model users

The IP address 47.90.52.88 opens a login page in the Chinese language which when translated through Google Translator revealed this text: “Cloud mouse platform background management system wrong username or password username: Password: Remember the password Login Forgot password ^ _ ^? Is the display not good? We recommend using a browser that supports HTML5 technology. © 2015 Shenzhen Cytec Technology Co., Ltd.”

It seems like the website is home to all the collected data and needs a login and password to access. Here is a full preview of the login page that opens up through the IP address:

Chinese Keyboard Developer Spies on User Through Built-in Keylogger

Screenshot from the login page

Remember, the data that is being sent to Alibaba’s server includes everything that you type on your keyboard such as login credentials including email and password, your conversation between friends and family, your financial data such as credit card number, its CVV code and anything related to it, the website you visit, your entire browsing history, web searches and anything else that needs a keyboard since it’s a built-in keylogger.

[q]”You can just add a block rule in Windows Firewall and it’s enough to stop all connections attempts to Alibaba servers,” said Thepunish_br on Reddit.[/q]

If you are using MantisTek’s GK2 model, there are chances that your data is being stolen and your online activity is being spied on. At the time of publishing this article, there was no official comment from MantisTek.

[fullsquaread][/fullsquaread]

Source: RebeccaBlackTech | Via: Reddit

  • Tags
  • China
  • Data
  • internet
  • Keyboard
  • keylogger
  • Privacy
  • security
  • Spying
  • Surveillance
  • Technology
Facebook Twitter Google+ LinkedIn Pinterest
Previous article Hackers can conduct DoS attacks Using Flaw in Brother Printers
Next article Multi-Sig Wallets worth $300M Mistakenly Blocked by User
Waqas

Waqas

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism.

Related Posts
"The Smartest Lock Ever” KeyWe is Vulnerable to Hacking

"The Smartest Lock Ever” KeyWe is Vulnerable to Hacking

Plundervolt: A new attack on Intel processors threatening SGX data

Plundervolt: A new attack on Intel processors threatening SGX data

2.7 billion email addresses & plain-text passwords exposed online

2.7 billion email addresses & plain-text passwords exposed online

Newsletter

Get the best stories straight into your inbox!



Don’t worry, we don’t spam

LATEST POSTS
How to identify malware on your phone with these 7 signs
How To

How to identify malware on your phone with these 7 signs

83
"The Smartest Lock Ever” KeyWe is Vulnerable to Hacking
Security

"The Smartest Lock Ever” KeyWe is Vulnerable to Hacking

94
Plundervolt: A new attack on Intel processors threatening SGX data
Security

Plundervolt: A new attack on Intel processors threatening SGX data

331
2.7 billion email addresses & plain-text passwords exposed online
Leaks

2.7 billion email addresses & plain-text passwords exposed online

2705

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.

Follow us