Corsair Solves Mystery Of Its Quirky Keyboard Bug And Good News, It's Not Malware
Corsair has acknowledged the presence of a peculiar bug in its K100 keyboard. Random text string history regurgitation has been causing concern among Corsair K100 users, as they thought it may be evidence of a malfunctioning keylogger working in the background. However, the good news is that the observed randomly entered text is appearing due to a Corsair keyboard firmware bug. Corsair is quick to point out that it has only received a "small number" of complaints from "tens of thousands" of K100 owners, and it is investigating the issue(s).
Keyloggers are sometimes an important component of a dose of malware or spyware. As the name implies, these attempt to read and relay user keystrokes in the hope of uncovering sensitive information such as account numbers, usernames and passwords. Some Corsair K100 users were initially quite alarmed when text that had been typed days or weeks ago started to be filled into documents and web page input fields.
As some examples of this text input bug in action one user had to totally unplug the K100 and plug it back in to stop it “randomly typing on its own,” a user couldn’t stop the keyboard typing out over 100 letters against their will, and another user was alarmed at the keyboard repeating back a line from a “very sensitive email” into other text boxes. From the examples given, where the keyboards have been unplugged and sometimes users haven’t even installed the Corsair tinkering software, it would seem like the underlying issue stems from keyboard firmware.
Corsair K100 keyboards don’t have keylogging functionality as a design feature, and Corsair insists it doesn’t log user input in any way. However, it thinks that the observed behavior might have something to do with the implementation of the K100’s macro recording functionality. The K100 can record and playback macros, and it seems like users are accidentally recording text strings into the keyboard macro memory banks, and then accidentally triggering them at a later date.
“The macro function could be inadvertently switching on and recording keyboard, and potentially mouse, inputs” a Corsair representative explained to Ars Technica, theorizing how the ‘keylogging’ concerns may have arisen. “These macros are then being triggered and reproducing inputs at a later time and misinterpreted as keylogging.”