Joined
·
11,527 Posts
Quote:
"Cloud driver" for a budget keyboard. What could possibly be wrong?
Quote:If you are the owner of a MantisTek GK2 mechanical keyboard, you may want to change your passwords. Users are reporting strange network connections being made by its accompanying software that point to an IP connected with Alibaba's cloud servers. A packet analysis shows that the data being sent to the Chinese server includes keys typed by the user.
This keyboard is extremely cheap and it looks like MantisTek is trying to offset the cost by selling its users' key press data. The physical keyboard itself is fine but the software package that comes with it is where the troubles lie.
Source.The "Cloud Driver" software regularly sends packets to an IP tied to servers controlled under Alibaba. The Chinese e-commerce giant sells cloud computing services just like Amazon and Google so it's likely that they are not using the data directly. This data is also being sent as plaintext nonetheless.
"Cloud driver" for a budget keyboard. What could possibly be wrong?